[Asterisk-Users] Re: www.openpbx.org
Steve Kennedy
steve-asterisk at gbnet.net
Sat Oct 8 11:55:54 MST 2005
On Sat, Oct 08, 2005 at 08:43:07PM +0300, Tzafrir Cohen wrote:
> On Sat, Oct 08, 2005 at 11:59:04AM -0400, Mike M wrote:
> > On Sat, Oct 08, 2005 at 09:20:07AM -0400, Paul wrote:
> > > Closed source might delay the cracker but it also delays pre-crack and
> > > post-crack countermeasures.
> > What's the alternative? Open source? Cracking is unnecessary with open
> > source.
> Search a bit about "security by obscurity". Basically if the security of
> your system depends on a secret you can't easily change, it will get
> exposed sooner or later. So you should design it to withstand such
> leakage. E.g: change a password if it was exposed.
As this was related to Mastercard/Visa, they can allow open source,
however the software has to be certified to meet their security specs,
which may be harder to accomplish for open source.
Steve
--
NetTek Ltd Fax +44-(0)20 7483 2455
Skype / In stevekennedyuk / UK +442088167166 / US +13106518226
Vonage UK +442079932612 / US +13108577715 / UK mob 07775 755503
Personal Blog http://stevekennedy.blogspot.com
Euro Tech News Blog http://eurotechnews.blogspot.com
More information about the asterisk-users
mailing list