FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » [CM] Falkvinge: MtGox had custom SSHD written in PHP
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: [CM] Falkvinge: MtGox had custom SSHD written in PHP [message #185207 is a reply to message #185206] Tue, 11 March 2014 21:08 Go to previous messageGo to previous message
john[1] is currently offline  john[1]
Messages: 1
Registered: March 2014
Karma:
Junior Member
RS Wood wrote:

> From the «That oughta work» department:
> Title: Security At MtGox Much Worse Than Originally Imagined
> Author: Rick Falkvinge
> Date: Mon, 10 Mar 2014 20:06:30 -0400
> Link:
> http://feeds.falkvinge.net/~r/Falkvinge-on-Infopolicy/~3/DNADqqiDLrY/
>>>
> The article in question[5] (gone from the server, but saved by the
> Internet Archive) was about how Karpeles had decided to write his own
> security mechanisms for remote access to his core servers. This goes
> against every grain, every practice, every professionalism of good
> security that exists. Security is hard and needs thousands of eyes to find
> the small but important bugs – just last week, a bug in Apple’s iOS was
> discovered where an attacker could have impersonated any target. And that
> was from Apple.
>
> Any person who calls themselves a professional in the IT field will end
> the conversation with anybody, no matter what title, who boasts that they
> have created their own security. You just don’t do it. It’s beyond
> reckless. It’s practically a guarantee that you will get broken into
> tracelessly.
>


Ok, I always prefer open source software myself, but there is alot of
attitude there. So I'll be a contradictory smart-ass for the sake of
discussion.. :)

As he says, not even Apple (or Tor, or ssl/ssh, or boost, or Linux kernel)
can do it. Show me any major piece of software that has been massively
reviewed, that has had no major security flaws/exploits. And that will not
continue to have exploits.

Theory is nice, but show me real world statistics, open source vs.
proprietary.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Previous Topic: switch with range of comparisons
Next Topic: readdir lists randomly
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 28 01:57:16 GMT 2024

Total time taken to generate the page: 0.04213 seconds