why free?
David GLAUDE
dglaude at ael.be
Mon Jul 18 22:11:43 UTC 2005
Let's say that I will be more dangerous having access to the code and
beeing able to recompile after changing the power adjust function than
changing random bytes with an hexadecimal editor into the HAL binary file.
It does not make security by obscurity less false or fake, but it is
obvious that if I poke into a binary there are less chances that I will
optain the expected goal (especially if the binary is CRC protected
against peaple like me. ;-)
David GLAUDE
Rui Miguel Seabra wrote:
> On Mon, 2005-07-18 at 23:32 +0200, David GLAUDE wrote:
>
>>If some peaple outside the company were to write their own version of
>>the HAL and that this version would not respect the standard, it would
>>have dangerous consequence such as disturbing military radar frequency.
>>This could be by mistake or intentionnal. Also boosting the power of
>>your 802.11 card will be very unfair for your neighborg and if everybody
>>does like you it will make the system useless.
>>
>>Is this a place where the potential harm of free software is more
>>dangerous than the good it make.
>
> Sorry, but absolutely not. That a danger (?) that exists regardless of
> being Free Software or not.
>
> Its a well known fact among security guys that you don't actually need
> the source code or rights to source code access to alter binary
> programs... just remember all those exploits to the [secret source code]
> Microsoft Windows operating system.
More information about the Discussion
mailing list