> > >So has any expert ever audited qmail or djbdns?
> >
> > No. Any audit worth doing would be prohibitively expensive for a
> > freeware project. $1000 wouldn't even begin to cover it, at
> > least for qmail.
Whoa, sure, it'd cost a load if you paid someone to do it, but open
source has other
2000-11-14-15:01:07 Charles Cazabon:
> However, as far as qmail goes: all the crackers in the world have
> had access to the qmail source code and design documentation for
> years, and none have yet found an exploitable security hole. You
> could consider that a fairly thorough audit-by-fire.
And
2000-11-14-15:07:28 [EMAIL PROTECTED]:
> [Bruce Schneier is] the author of perhaps the most popular book on
> computer security that's available to the public.
Which book are you referring to? "Secrets and Lies"? While it's a
powerful contribution in the way of standing back and re-examining
the
2000-11-14-15:11:43 Paul Jarc:
> Only the "select few" will be able to audit it well, regardless of
> the license, and they can afford to charge a hefty fee, regardless
> of the license.
They certainly can. They do not always choose to do so, however. If
enough people really wanted to get a deter
2000-11-14-15:11:55 Adam McKenna:
> But you have to realize that this is the same argument put forward
> by many people pushing closed source solutions over open source
> ones (that it has been analyzed by "experts"), and invariably many
> security holes are found anyway.
Again, it helps to under
2000-11-14-16:24:36 Adam McKenna:
> Bruce Scheiner is a god, [...]
It's possible you're being sarcastic, but there are those who would
very nearly agree with you. While he may not actually be a god, he
is certainly the single most important contributor to getting really
top notch crypto out of re
2000-11-14-16:37:06 Lipscomb, Al:
> Open Source is often used to describe software that has its source
> code available regardless of the license involved.
Could be, people use words as they wish. But if you'll take a visit
to http://www.opensource.org/>, you'll find that the term was
very specif
2000-08-01-10:50:58 Ben Beuchler:
> Sometime in the near future we will be a djbdns shop. It will
> take some arm twisting of the other admins, but it will happen.
That's good. You'll be glad.
I'll tell you how I made the transition, not that this is the only
way or anything, but it worked real
