[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Netscape 5 will be GPL'ed
Markus Kuhn wrote:
| > NETSCAPE ANNOUNCES PLANS TO MAKE NEXT-GENERATION COMMUNICATOR SOURCE CODE
| > AVAILABLE FREE ON THE NET
| Finally mainstream software companies start to understand that security
| critical software has to be provided to the customer in full compilable
| source code to allow independent security evaluation.
I'm not sure that this is the message they're sending at all.
They're trying to work the Linux/GNU model of getting a horde of
volunteer programmers to improve their product, and base other
products on it, because of the ease of integration. I don't know that
security was even on their minds.
| No formal CC/ITSEC evaluation process can beat the scrutiny of the
| Internet crowd. I wonder how long we have to wait for the day on which
Not that the internet crowd is such hot shit, either. The freely
usable FWTK contained a *really* easy to find replay attack for about
3 years, befire I pointed it out at the Crypto rump session.
(www.homeport.org/~adam/crypto97.html). Small code. Comments
pointing to problems. Security critical in some instances. 3 Years
| we can download the latest GPL'ed Windows NT version source code from
| Microsoft's web server ...
"It is seldom that liberty of any kind is lost all at once."