[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fortify
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 13 Mar 1998, David Honig wrote:
> Not to burst your optimism, but wouldn't good software design dictate
> maintainable, ie, modifiable code?
That depends on how you are using the term 'good.' If the purpose of the
design is to make a programmer's life easy, then you may be right.
On the other hand, if the software calls for a bit of security, like
ns does, then I would assume otherwise. Programmers who are serious about
making crippleware don't distribute the full executable with a simple
branch instruction (going to the cripple routine) to keep the user at bay:
they know that it is trivial to modify the code. I would assume that
the programmer's at netscape understand this. If they were serious about
keeping people from using 128 bit crypto, they would have yanked it
completely.
Now, I don't think that this was done out of benevolence, mind you.
Rather, I think that they are a bit more concerned with producing a
good browser and didn't take the time to design a weak-crypto version:
they took the easy way out.
Netscape wants to make money, and for this I support them. They aren't
going to pay programmers to make a product like a weak-crypto browser
when it doesn't make them money. They get the minimum job done to bow to
ITAR, and they get to work on some new snazzy features for the next
version.
They make Fortezza-based browsers too, would we call them the servants
of Big Brother? Hell no. They are neither freedom fighters nor henchmen
of a tyrant: they are businessmen.
Michael J. Graffam ([email protected])
http://www.mhv.net/~mgraffam -- Philosophy, Religion, Computers, Crypto, etc
"Enlightenment is man's emergence from his self-incurred immaturity.
Immaturity is the inability to use one's own understanding without the
guidance of another. . .Sapere aude! Have the courage to use your own
understanding!" - Immanuel Kant "What is Enlightenment?"
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQCVAwUBNQmEAAKEiLNUxnAfAQEL2QQAhvnV1xLRjXo5YHl+IBwAmBYLzfnPFspP
KXNG5cxltO2ImEK094PxC9FPbEqvmHtid/e+kNzJ4lMPVAh+JZ6ALrcynRkjWK8F
ZkgDZbqaIorT94w2SJppcxMAVYyJ9oAw94uytcXvPTEXDn2IOdTlpw/3gsTaHEPN
ly4Kb1iBhMs=
=tgBR
-----END PGP SIGNATURE-----