Source vs. binary for tools

[jepstein () cordant com (Jeremy Epstein -C2 PROJECT)]

All the discussion of the good & (mostly) bad aspects of ISS
being delivered in binary form unless you pay lots of extra $$$
reminds me of the following:

I used to work for a large federal (mostly DoD) contracting
company.  A number of the classified programs needed software
tools, including some stuff freely available on the net (e.g.,
X clients, COPS, various subroutine libraries).  I had a machine
on the net, and tried to get stuff and give it to the classified
projects.  Turns out they couldn't accept it: even if I provided
source, unless the product came from a "vendor" they had to read
the source to make sure it didn't include any malicious code.  If
it came from a vendor in a shrink-wrapper package (e.g., in binary),
it was a cinch to get it accepted.

So there's some anti-logic for everyone bashing the binary
policy of ISS.  If I were still at that company and gave them
ISS 1.0 source for free, they couldn't accept it, but if they
bought ISS 2.0 binary then that would be useable.

[Not to say I agree or disagree with the ISS policy...just to
explain that there's another viewpoint.]

--Jeremy Epstein
Cordant, Inc.
jepstein () cordant com