>I will say that regarding eu law what Ignacio writes about >legality is
likely not correct
I'm no expert in EU law, and so I'm likely wrong here, but it may very well
be illegal. The issue is that, even if copyright law does not prevent use of
leaked source code, it is also a trade secret. I don't know exactly how that
would affect an end user, but it could still be an issue.
>Considering what else data gets leaked or obtained by >attacks, I find it
impressive that about one computer after >the next, the source code does not
get out. I believe the >companies must run a strict setup.
They almost certainly do have a *strict* setup, but that doesn't mean it's
complex. Carefully managed access means the company can easily find a leaker:
once it's known you did it, you've got lawsuits and a lifetime ban from
related projects. For anyone reasonably accepting of proprietary software,
there's no reason to leak.
>Even if you had the encryption keys, enabling you to flash >any piece of
software on the computer, if you do not have >the source software, you would
have to do reverse >engineering, which is impossible or difficult?
Your outline of the issues sounds perfect to me. In practice, I'm not quite
sure how difficult reverse engineering is: it's definitely not impossible,
but it certainly isn't as easy as writing software with a public
specification.
