"Infamous cracker Kevin Mitnick (turned security consultant) has come out to say that he'd prefer to 'hack' open source code vs proprietary closed code. "Mitnick says that open source software is easier to analyse for security holes, since you can see the code. Proprietary software, on the other hand, requires either reverse engineering, getting your hands on illicit copies of the source code, or using a technique called 'fuzzing'." He further says that open source is more secure, but leaves you wondering questions if enough people are really interested in securing open source code."

External Links
http://www.tectonic.co.za/view.php?src=rss&id=839

My favorite bit out of it....

He runs Microsoft Windows XP Pro, Microsoft Windows 2003 Server, Debian, Gentoo and Solaris. Currently he's penning an autobiography to clear up some myths about himself. And no, you can't launch a nuclear attack by whistling into a telephone.

I want to be able to launch nukes from whistling into a phone.

I want to be able to launch nukes from whistling into a phone.
Don't we all?

-Wild

And no, you can't launch a nuclear attack by whistling into a telephone.


If some wannabe-1337 script kiddie who calls himself a cracker can't do it, that doesn't mean I can't;)

Infamous? Ive never heard of them =P

Now if I have heard of them before (or if it was someone I had heard of) id probably believe them more.

And the fact that open source is easier to examine because you can see the source... Uh, arnt there decompilers out there? That take a binary and turn it into normal code again? Well, I know there are some, since I had one on my computer, but I have no idea how well or if they work =P

Chimera, Id hardly call Mitty a wannabe cracker or a script kiddie.

Chimera, Id hardly call Mitty a wannabe cracker or a script kiddie.

grab one of those sarcasm detectors...

*Beep* *Beep*

Moves it over Chimera's Post

*BeepBeepBeepBeepBeepBeepBeepBeepBeepBeepBeepBeepB eepBeep*

Noted.
=)

And the fact that open source is easier to examine because you can see the source... Uh, arnt there decompilers out there? That take a binary and turn it into normal code again? Well, I know there are some, since I had one on my computer, but I have no idea how well or if they work =P

The resultant code would have (at least) all of the comments missing, and probably have obfuscated variable/ function names, too. Of course, this is how some people program anyway, so I guess it works pretty well in those cases ;)