--- "Thornley, David" <[EMAIL PROTECTED]> wrote: > > From: Noel Yap [mailto:[EMAIL PROTECTED]] > > > Other than theoretical attacks found by > acadamecians > > (that I think were later fixed) and possibly holes > > within Visual J++, I haven't heard of any > > insecurities, can you point me to a site, please? > > > In the US, under the DMCA, it is impossible to > legally > post a proof of insecurity, and people have indeed > been > sued for demonstrating that security vulnerabilities > are practical and not merely theoretical. This > means > that any company can claim perfect security, and can > ignore > reported vulnerabilities by either claiming they are > only theoretical and could not happen, or by asking > for > a cease-and-desist order to shut up the person > showing > otherwise. > > Therefore, vulnerabilities can only be properly > discussed > in illegal communities, or in countries with > rational > copyright laws. > > Therefore, also, I have no personal faith in the > security > of any product sold in the US that is not open > source, and > even that is a bit iffy. > > So, just remember that it will often be futile to > ask > for credible sites showing insecurities, unless you > are > active in illegal cracking organizations.
You're absolutely right. Thanks for reminding me. Noel __________________________________________________ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
