Stewart Stremler wrote:
You can't ever _know_ that your application is safe. Even if you
compiled it yourself.
Well, define "safe".
A security audit looking for buffer exploits, race conditions, etc. is
both difficult and expensive.
A security audit looking to make sure that nothing packs up my entire
customer database and mails it c/o Microsoft is fairly easy and cheap.
This is the problem with entrusting my data to Microsoft, Sun, Google,
etc. If all of my data is over there, they can index, search, and mine
that data with me being completely unaware.
This is, after all, what Google does with Gmail.
-a
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
