Mike Finn wrote: > > "Microsoft also said open-source software is inherently less secure because > the code is available for the world to examine for flaws, making it possible > for hackers or criminals to exploit them. Proprietary software, the company > argued, is more secure because of its closed nature." >
<rant> Umm, yah, that's why it took until NT4 for them to fix that neat little LanManager hash issue - where the password hash sent over the LAN was cleartext equivalent. I wonder if Microsoft's developers really believe that it's that hard to reverse engineer weak algorythms. Apparently 'more secure' is equivalent to "I can't tell if there are any backdoors because I don't have the source." Maybe, "It must be more secure: I can't verify that it's mathematically correct!" The same principal is why science done by hermits in mountain hideaways has been so much more influential to modern technology than science done openly in an environment where peer review and reproduction of experimental results is critical to acceptance. pfah! First they take bad engineering ("Windows won't run without Internet Explorer") and use it as an excuse for monopolistic practices, and then they take bad security practices ("If we tell them how it works, they'll break it") and try to make it a virtue! Hrm... Here's the loaded question for Microsoft's talking heads: "If open source security is so bad, why did you use kerberos under Windows 2000?" </rant> OK, back to work. -danch _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development