|
|
| Re: Elections Have Begun! (1285661) | |||
 |
|||
| Home > OTChat | |||
|
[ Read Responses | Post a New Response | Return to the Index ] |
|
||
|
Re: Elections Have Begun! |
|
|
Posted by SelkirkTMO on Sun May 3 15:39:14 2015, in response to Re: Elections Have Begun!, posted by Nilet on Sun May 3 05:41:53 2015. Ah ... need to explain a little better then. What you were seeing there was an audit on a cable modem using a forensics tool called net-snmp. The list was identifying which "listeners" were found IN the cable modem. Rest assured that spooks don't place neon signs above their code, that means that their code was found in the memory of the device itself and called out for each thing that was found in there.It's sorta like when an antivirus finds something and calls those out by name. Same deal. What was amusing about this list was how many different spies had all claimed a stake in there. :) As to "open sores" code, I've been at it since the 80's. The old saw of "many eyes" has proven to be a myth. The code defect that resulted in "heartbleed" has been sitting there in the code since the 80's. The NNTP bug has been sitting there since the 90's. NOBODY ever spotted it until just this past year AFTER the exploits overwhelmed too many systems. Same for so many others. Sure people look at the code. But do they actually understand it? If that were the case, these bugs would have been extinguished ages ago. But they were not because the reality is all that "code auditing" was never really done with the RIGHT eyeballs. So sorry, fail there. Even the original authors of the code in question never spotted the defect. As to Apple's code, they've been very good over the years at publishing any changes that THEY'VE made to the core code, the only reason why they didn't publish it all is because the vast majority of the code is the same original code that was always there. No need to. They publish what they do in order to help developers code properly for the iOS and OS X platforms and you do need the complete picture in order to do that right. And yeah, in order to code up for iOS, you need to know how that works too. It's all published in the XCODE SDK and documentation. And as to the proprietary nature of KNOS, it got reviewed once about two years ago and the determination was "it's bloody bog standard BSD." And yep ... it is! The only thing that's different about KNOS is that we have our proprietary tools to configure it and then spit out a finished product. Other than that, it *is* BSD through and through with things fixed. Every fix we did was submitted as a PR (Problem Report) back to BSD for them to fix. Sadly, like most open source, those PR's remain open and many were never fixed by BSD's maintainers. Many of those were because "this function is deprecated and replaced with this other super-duper shit. Nobody maintains Gnome 2 code anymore. We do. No worries ... the code you're running now will never be fixed either. |
|
|
|