On Mon, Oct 12, 1998 at 08:24:47PM +0530, Ishaaq Chandy wrote:
>
> 2. Here's a theoretical one: Since the Linux sources are freely
> available to anyone would'nt it make it easier for hackers/crackers to
> break into a Linux system if they read the sources?
>
<mode=light>
Linux is made by (real good) hackers.
</mode>
If you rely on the unavailability of source code for security, then
God help you from such a _security_. Just look how many password
protected, hanky panky janky protected games and applications have
been broken. All the games I play most of which are supposed to be
copy protected somehow are cracked, a large portion of it is cracked
locally.
My point is, you can't give security by hiding source, if your app has
holes, they will come out. And it's not that hard to trace a program,
although it's not necessary most of the time.
In contrast to your belief, open source software is _much more_ secure
than closed ones. Thousands of hackers are scrutinizing every line of
your code, whenever they find anything they announce the discovery as
loudly as they can (this is a _man_ thing I guess), they know if they
don't, someone else will take the credit. Also you get the fixes more
quickly. In closed source, a hacker will tend to shut his mouth and
exploit the bug. Worse, when the bug gets public, the producer will do
nothing until a commercially sizeable users start yelling. Only then
will they move like a slow elephant to look into the matter, meanwhile
... he got in, took/done, got out.
(I have to use cracked software because you can't get uncracked ones,
specially games in this part of the world - one of the reasons I
really like linux)
