[p2p-hackers] OmilyX: Secure VoIP

[coderman]

On 2/23/06, Alex Pankratov <ap at hamachi.cc> wrote:
> ...
> We are talking about different things it seems. The binary
> might be buggy or it might be bugged. To me the former is
> bad, but latter is far worse. Having a source at hand does
> nothing to establish the trust in a binaries.

different things indeed.   i agree that source does not imply
security, see the recent bsd beacon debacle as evidence [1].

what i am saying is that source goes a long way to clearing the "low
hanging fruit" that is extremely difficult to validate in binary
applications and gives much more oversight with less effort. really
bad code is easy to spot in source, but much more difficult in
resulting binaries.

if you are referring to a disconnect between source and binary
(regarding the trust comment), see the source checksum in linux kernel
modules feature as a way to bind these if you don't want to build from
sources yourself.  obviously you should always obtain binaries from
someone you trust who has built from source in such a situation.


> Would Cisco IPsec client or SSH SecureCRT qualify as 'some
> closed source networked application' ?

not in my book, but in others perhaps.  remember cisco gate?  not
remotely exploitable?
while this code is much better than most (again, due to the process of
development that is visible, even if the sources are not widely so) it
could be more reputable with visible sources providing additional
oversight and making any security claims easier to verify.

enjoy your security theater...

1. http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/net80211/ieee80211_ioctl.c.diff?r1=1.41&r2=1.42&f=h

P.S.  visible sources does not mean open source (as in freedom).  you
can retain tight ownership ala M$ shared source.

see also: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html
"Is Open Source Good for Security?"