From: "Geo." 

"Tony Williams"  wrote in message
news:3dea5563$1{at}w3.nls.net...

> I'm generally pretty neutral in the closed- vs. open-source wars, but I
> hate it when companies cover up problems and threaten people who
> publicise them instead of saying thanks and publishing a fix.

I believe in full disclosure, without that vendors have too much power to
snuff out the information so nobody knows how exposed they are, and it's in
the vendors interest to do this because it looks bad for them when an
exploit is discovered.

Back to the open/closed source thing for a moment though..

One of the things I learned while learning to hack was that if you can
download and install whatever it is you are trying to hack, the job becomes
a whole lot easier. If you can look inside it (read the source code) I
believe it becomes even easier if you know what you are looking at.

As an example, suppose I wanted to crack a remote desktop type app. If it
were PCanywhere best I could do is buy a copy of it and try messing with
it. If it were an open source remote desktop, I could download it free,
download the source, and use the source as a starting point in writing an
exploit or brute force password cracker. To my mind that is a huge
advantage to a hacker.

Geo.

--- BBBS/NT v4.01 Flag-4