Mike Finn wrote:
> 
> "Microsoft also said open-source software is inherently less secure because
> the code is available for the world to examine for flaws, making it possible
> for hackers or criminals to exploit them. Proprietary software, the company
> argued, is more secure because of its closed nature."
> 

<rant>
Umm, yah, that's why it took until NT4 for them to fix that neat little 
LanManager hash issue - where the password hash sent over the LAN was 
cleartext equivalent.

I wonder if Microsoft's developers really believe that it's that hard to 
reverse engineer weak algorithms. Apparently 'more secure' is equivalent 
to "I can't tell if there are any backdoors because I don't have the 
source." Maybe, "It must be more secure: I can't verify that it's 
mathematically correct!"

The same principle is why science done by hermits in mountain hideaways 
has been so much more influential to modern technology than science done 
openly in an environment where peer review and reproduction of 
experimental results is critical to acceptance.

pfah! First they take bad engineering ("Windows won't run without 
Internet Explorer") and use it as an excuse for monopolistic practices, 
and then they take bad security practices ("If we tell them how it 
works, they'll break it") and try to make it a virtue!

Hrm... Here's the loaded question for Microsoft's talking heads: "If 
open source security is so bad, why did you use Kerberos under Windows 
2000?"
</rant>

OK, back to work.

-danch




_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
