More security and security politics than crypto, but I thought this was rather interesting to this community:
Nominum's Jon Shalowitz is interviewed on why you should buy Nominum's stuff over using open source, oh, pardon, "freeware[sic]" software: Q: What characterises that open-source, freeware legacy DNS that you think makes it weaker? A: Number one is in terms of security controls. If I have a secret way of blocking a hacker from attacking my software, if it's freeware or open source, the hacker can look at the code. By virtue of something being open source, it has to be open to everybody to look into. I can't keep secrets in there. But if I have a commercial-grade software product, then all of that is closed off, and so things are not visible to the hacker. http://news.zdnet.co.uk/itmanagement/0,1000000308,39760362,00.htm?s_cid=260 I guess Mr. Shalowitz is unaware of the existence of disassemblers. Either that, or perhaps all those people attacking Windows successfully have the source code, I'm not sure which. Perry -- Perry E. Metzger pe...@piermont.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com