Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Full-Disclosure] Cisco's stolen code

from [Ng, Kenneth (US)] Network Security [Permanent Link]
Subject: RE: [Full-Disclosure] Cisco's stolen code
Date: Tue, 25 May 2004 14:28:40 -0400 
Brian: I will give you another good reason to not go near the stolen code.
If you EVER want to work on any project that is even remotely related to
routers, or routing or anything else that Cisco equipment can do, you can
not have touched any of the stolen code, or your code will be suspect.
(Your accounting package has queues?  Cisco IOS has queues (I assume), you
must have copied it.)  Even if your writing the code entirely from scratch,
because you have seen the stolen code, you may be suspect.  Is it unfair?
Definitely.  But this is why the GNU people emphasize staying away from any
licensed source code.

-----Original Message-----
From: full-disclosure-admin@lists.netsys.com
[mailto:full-disclosure-admin@lists.netsys.com]On Behalf Of
Valdis.Kletnieks@vt.edu
Sent: Tuesday, May 25, 2004 12:59 PM
To: Brian Toovey
Cc: VX Dude; full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Cisco's stolen code 


On Tue, 25 May 2004 11:28:19 EDT, Brian Toovey <btoovey@igxglobal.com>
said:

if whitehats dont audit the code, who will?  I find your response more
ignorant.

Whitehats won't go anywhere near the Cisco code for the same reason they
won't
go near the Windows code - even if they feel morally justified in peeking at
the source code, it's still illegal to do so.  So you need at least a
slightly
gray hat to even consider the idea - so only grey/black hats will benefit.
#include <open-source-is-better-because-whitehats-can-audit-too.h>


*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.         
*****************************************************************************
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] Cisco's stolen code, madsaxon
Next by Date:  RE: [Full-Disclosure] irc over ssl, Ng, Kenneth (US)
Previous by Thread:  [Full-Disclosure] ERRATA: [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail, Kurt Lieber
Next by Thread:  RE: [Full-Disclosure] Cisco's stolen code, Ron DuFresne
Indexes:  [Date] [Thread] [Top] [All Lists]