Firewalls: Re: TRUST US

Firewalls
(April 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: TRUST US
From:	murkland @ pwfl . com (Richard Murkland 407-796-5249)
Date:	Fri, 28 Apr 95 12:49:46 EDT
To:	firewalls @ GreatCircle . COM (Andrew Molitor)

Andrew Molitor wrote:
> 	Here's a simple quick question, the answer to which will vary
> from person to person. Why do you want the source for your security tools?
> 
> 	Do you actually have time to do a proper inspection of the code? Is
> it because documentation is always terrible, and if you have the source, you
> can at least fall back on it? Is it so you can tinker with it? Some other
> reason?

All of the above, plus lack of faith that sufficient vendor support
personnel exist (for any vendor) to rapidly handle _all_ their
customers sites at once in the event of a widespread problem. If your
site can't wait for the vendor to fix it, then you should require
source code for it.

-- 
Richard Murkland   (407)796-5249
Pratt & Whitney,  West Palm Beach, Fl
murkland @
 pwfl .
 com
My opinions are my own, not necessarily shared by Pratt & Whitney.

Indexed By Date	Previous:	having the source - From: amolitor @ anubis . network . com (Andrew Molitor)
Indexed By Date	Next:	DISTRIBUTION STATUS From: "Postmaster" <POSTMSTR @ RALSSW01 . USPS . GOV>
Indexed By Thread	Previous:	Re: TRUST US From: Quentin Fennessy <Quentin . Fennessy @ SEMATECH . Org>
Indexed By Thread	Next:	Re: TRUST US From: Rick Smith <smith @ sctc . com>