Re: Getting Vendors To Fix Bugs


root (root@sbcs.sunysb.edu)
10 Nov 88 15:42:48 GMT


In article <2120@kalliope.rice.edu>, hd@kappa.rice.edu (Hubert D.) writes:
> We've been looking at software to connect our PCs and MACs
> to SUNs and VAXn. Now, with the possibity of holes and
> backdoors left in place by software vendors, I don't see
> how one can trust object code for communications software
> anymore. I'm going to take a hard think on wheather to
> go commercial or install/modify/develop public domain
> packages such as KA9Q, NCSA or PCIP (MIT & CMU).

        Huh? If you let anyone on your Ethernet cable with a PC you've
        basically just given up any hope for security. Even active
        methods like Kerberos will not protect you from people who
        just listen to eg TCP sessions on the cable.

> Hubert Daugherty
> hd@rice.edu

                                Rick Spanbauer
                                SUNY/Stony Brook



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT