I forgot to CC the list! -------- Forwarded Message -------- > From: brian wheeler <[EMAIL PROTECTED]> > To: Goehring, Chuck, RCI - San Diego > <[EMAIL PROTECTED]> > Subject: Re: OT: Free Software as a "Security Hole" > Date: Wed, 12 Jan 2005 12:28:34 -0500 > On Wed, 2005-01-12 at 09:21 -0800, Goehring, Chuck, RCI - San Diego > wrote: > > I post here for lack of a better place. Sorry in advance to anyone > > offended. > > > > > > > > I was speaking to an acquaintance that has a security background and > > she told me her company prohibits the use of "Free" software because > > there is no guarantee that there are no "backdoors" in it. > > > > > > Define 'free'! If you're talking closed-source free, then yeah, there's > a distinct possibility that there's backdoors in it. Heck, even non- > free closed-source applications have been known to have backdoors in > them. > > If by 'free' you mean open-source free, then you can guarantee(*) that > there aren't any backdoors by looking at the source itself. Even if you > don't check yourself, you can be relatively sure that there isn't > because it would come up rather quickly if someone did take a peek at > the source. > > Brian > > (*) Guaranteed with the exception of the method described in > "Reflections on Trusting Trust" by Ken Thompson. > > > > -- brian wheeler <[EMAIL PROTECTED]>
