I'm thinking they just want to improve on the copies of Hercules that has been freely available to them for years.
Doesn't the EC require IBM to give the same sort of access to source code? -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Bigendian Smalls Sent: Saturday, October 17, 2015 9:30 AM To: [email protected] Subject: Re: [IBM-MAIN] (External):Re: IBM And - I don’t mean to imply at all that most companies are willfully abusing that fact, just simply that most software is a black box. > On Oct 17, 2015, at 11:08 AM, Clark Morris <[email protected]> wrote: > > On Sat, 17 Oct 2015 06:16:47 -0700 (PDT), in bit.listserv.ibm-main you > wrote: > >> The fact that IBM continues to issue integrity PTFs shows that their code is >> not perfect when it comes to integrity and therefore security. Nobody's is. >> So, it is possible, by a review of the code, that the Chinese review team >> can identify an integrity issue and save that for a later attack on an IBM >> customer. This is a big risk. > > Actually allowing any country to review code is to open an exposure. > On the other hand all users have at least some need to verify that > code is not exposing them. For those users with high security needs > and a large enough budget, having all software in house maybe using > open source software as a starting base can make sense. I believed > back in the 1970s and 80s that one of the best places to put a spy was > in the IBM software creation and distribution system. These comments > apply to all countries. It would be interesting to find out which > countries and entities are reviewing source code from the various > vendors. I believe that Snowden supporters are naive if they believe > that other major and not so major countries are not engaged in much > the same activities as those he accused the United States NSA and > other agencies of committing. If IBM is allowing the Chinese > government to review the code, I will guarantee that other governments > are also reviewing the code. In addition we know that at least some > ISV's have access to at least some of the code under non-disclosure > agreements. I leave to you who are citizens of various countries to > determine how concerned you should be. > > Clark Morris >> >> Barry Schrager >> Creator of ACF2 >> Member: Mainframe Hall of Fame >> www.Enterprisesystemsmedia.com/mainframe-hall-of-fame > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
