[linux-elitists] Dateline April 12, 2001 Microsoft: Closed source is more secure

Aaron Lehmann aaronl@vitelus.com
Wed Aug 15 03:46:49 PDT 2001


On Wed, Aug 15, 2001 at 08:02:29PM +1000, Jeff Waugh wrote:
> Thanks to Telsa, who pointed this one out to me:
> 
>   http://linuxtoday.com/news_story.php3?ltsn=2001-08-07-011-20-SC
> 
> Yes, it has happened, and it sucks pretty hard. There are numerous other
> examples, but this is the most recent.

BUT, AFIAK these aren't official distributions of products. I've heard
of mirrors having bad things, for example win.tue.nl was once
compromized and some distributed binaries were trojaned. That could
happen to a Windows distribution site too, and has nothing to do with
open/closed source. For the sake of this argument, I was only
interested in "trap doors" - these hypothetical code snips that MS
postulates the existance of that look harmless but are really evil. I
imagine MS is talking about these being part of an official
distribution of a program, and therefore these seemingly harmless
pieces of code being integrated by the well-meaning maintainer. I am
skeptical of the idea that this is a risk and doubt it has ever
happened at a significant scale. Microsoft probably thought it up to
scare people, as usual.



More information about the linux-elitists mailing list