Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Gauntlet: source code anyone ?

From: philipsholt () uswest net
Date: Mon, 22 Mar 1999 15:03:09 -0800
So the fact that few people use the source code
is not a good argument for the vendors to restrict it.  The option
should still be there for clients to fully inspect the product should
they wish to: afterall they are buying security and an important way to
assure this is to check the source code of the single point of failure.


   Perhaps I can add this as well.   "Security, and it's impleemntation, is as
good as it's weakest link."
   I completely concur, and if there are those that are curentily not receiving
Bruce Schneier's Monthly CRYPTO-GRAM, then you may want to do so. Generally is
availble ~ the 15th of each month, and it discusses the above and relevant
topics (shortcomings)  in great length.
   It is available @ http://www.counterpane.com/crypto-gram-9902.html  (Last
month's issue)


Expansion in the market place is killing security - to be dramatic.


   Very much so.

--
Philip S Holt
Jerrapin Technology
Network & Security Systems Engineering
Seattle, WA
206 285 4533

 "A Prudent Man Concealeth knowledge, but the heart of fools proclaimed
foolishness"
 - Proverbs 12:23

 "How Now! A Rat? DEAD, for a ducat, dead! .... thou retched rash, intruding
foul farewell!"
 - Shakespeare's Hamlet


Chapter Headings from: 'Actually Useful Intrenet Security Techniques' Larry J
Hughes, Jr. New Riders Publishing 1995
Previous By Date Next
Previous By Thread Next

Current thread: