|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Alan Cox (alan_at_lxorguk.ukuu.org.uk)
Date: Sat Oct 26 2002 - 09:05:17 CDT
On Sat, 2002-10-26 at 10:24, puja wrote:.
> Actually as I said earlier that I have bought the code from some third
> party and also since its size is very bit,its not possible to tell its
> programmers to explain each and every part of it.
If you can't easily prove everything in it then assume its full of holes
unless the party you got it from did a full audit of that code and did
it with different people to those who wrote it.
Security auditing is hard, the consequence of not auditing is even more
expensive but you don't have to pay that one when you buy the product.
This is one of the big reasons computer security is in such a dire
state.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]