Forwarded from: Kurt Seifried <listuserat_private> One thing I'm wondering. How do you KNOW that the code MS is showing you is "real", i.e. not something made up or several versions old? Essentially I can take a source rpm/tarball/whatever on a linux/bsd systems and chances are good I can create the exact same binary (MD5 sum et all) as the binary shipped by a given project. Is this possible with MS's source code? You would have no idea if the source code they are showing you is actually the source code in use. I'm not trying to be paranoid or anything, but it makes me wonder. Yet another fun issue with proprietary software. Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Mar 14 2003 - 02:28:42 PST