2000-08-01-10:50:58 Ben Beuchler:
Sometime in the near future we will be a djbdns shop. It will
take some arm twisting of the other admins, but it will happen.
That's good. You'll be glad.
I'll tell you how I made the transition, not that this is the only
way or anything, but it worked
So has any expert ever audited qmail or djbdns?
No. Any audit worth doing would be prohibitively expensive for a
freeware project. $1000 wouldn't even begin to cover it, at
least for qmail.
Whoa, sure, it'd cost a load if you paid someone to do it, but open
source has other routes. A
2000-11-14-15:01:07 Charles Cazabon:
However, as far as qmail goes: all the crackers in the world have
had access to the qmail source code and design documentation for
years, and none have yet found an exploitable security hole. You
could consider that a fairly thorough audit-by-fire.
And a
2000-11-14-15:07:28 [EMAIL PROTECTED]:
[Bruce Schneier is] the author of perhaps the most popular book on
computer security that's available to the public.
Which book are you referring to? "Secrets and Lies"? While it's a
powerful contribution in the way of standing back and re-examining
the
2000-11-14-15:11:43 Paul Jarc:
Only the "select few" will be able to audit it well, regardless of
the license, and they can afford to charge a hefty fee, regardless
of the license.
They certainly can. They do not always choose to do so, however. If
enough people really wanted to get a
2000-11-14-15:11:55 Adam McKenna:
But you have to realize that this is the same argument put forward
by many people pushing closed source solutions over open source
ones (that it has been analyzed by "experts"), and invariably many
security holes are found anyway.
Again, it helps to
2000-11-14-16:24:36 Adam McKenna:
Bruce Scheiner is a god, [...]
It's possible you're being sarcastic, but there are those who would
very nearly agree with you. While he may not actually be a god, he
is certainly the single most important contributor to getting really
top notch crypto out of
2000-11-14-16:37:06 Lipscomb, Al:
Open Source is often used to describe software that has its source
code available regardless of the license involved.
Could be, people use words as they wish. But if you'll take a visit
to URL:http://www.opensource.org/, you'll find that the term was
very
