Trusting software
Jason Miller, 2005-12-07

Open-source or closed-source, it's the same issue. Using other people's software has a lot to do with trust. If you don't trust the right people, you're putting yourself at risk.

Trusting software 2005-12-07
Ray Kaplan (2 replies)
Re: Trusting software 2005-12-19
Anonymous
Re: Trusting software 2005-12-19
hkmaly
Trusting software 2005-12-08
Don Parker
Trusting software - what goes around comes around 2005-12-08
Steve Lodin (1 replies)
Back in the mid-90s when I discovered the Kerberos RNG vulnerability, the discussion centered around trust and spaghetti code. I would add, besides trust in people, trust in the software design and development practices of the organization responsible for code delivery.

https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/97-01.pdf

Abstract
--------
One of the commonly-accepted principles of software design for security is that making the source code openly available leads to better security. The presumption is that the open publication of source code will lead others to review the code for errors. However, this openness is no guarantee of correctness.


Steve Lodin

Trusting software 2005-12-09
Tim Hudson
Trusting software 2005-12-15
Howard Israel

Copyright 2008, SecurityFocus