Re: Distributing user-developed Linux software and licensing issues.

---

• From: Runesabre <runesabre@xxxxxxxxx>
• Date: Wed, 18 Jan 2006 15:10:58 -0800 (PST)

---

> > 3. Aside from server security, there is the
matter of account password
> > security. How can I fathom giving away the full
source code and thus giving
> > anyone the ability to network snoop and easily
grab customer
> > account/password data?

> Web servers are open source, and so are some
browsers, they're both
> capable of secure data transmissions. Being open
source isn't a
> problem. You've just got to use secure data
transmissions, and that's
> it.

I appreciate the replies from everyone. You have all
been very helpful! (/wave Markku and Tim)

I'm not a security expert so I'm learning as I go.
What I can't really understand is how a client-side
application can be completely open source and secure
at the same time without giving away its encryption
techniques. I can't afford for every customer to be
issued a SecureId fob like I used in the workplace and
any secret "key" transmitted over the 'net can simply
be intercepted and used with full knowledge of how the
key works since access to the source code is
available. My customers aren't locked to using their
account from a specific machine.

Do open source web servers include the full source to
their encryption routines? What about SSL? Is the
source to SSL open to the public?

Thanks again for the responses.

Kirk Black

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

---

• Follow-Ups:
  • Re: Distributing user-developed Linux software and licensing issues.
    • From: Markku Kolkka
  • Re: Distributing user-developed Linux software and licensing issues.
    • From: Tim
  • Re: Distributing user-developed Linux software and licensing issues.
    • From: Leonard Isham
  • Re: Distributing user-developed Linux software and licensing issues.
    • From: Mikkel L. Ellertson

• Prev by Date: Re: Lazy gnome panel
• Next by Date: Re: Private Mirror/Repository
• Previous by thread: Re: Distributing user-developed Linux software and licensing issues.
• Next by thread: Re: Distributing user-developed Linux software and licensing issues.
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: How to run aspnet with system account ... Well, darn, Joseph. ... considering the "lack of security" ... Even if you only run your own code on your servers, ... >> Telling people that you CAN safely run ASP.Net under the System account ... (microsoft.public.dotnet.security) Re: How to run aspnet with system account ... Well, darn, Joseph. ... considering the "lack of security" ... Even if you only run your own code on your servers, ... >> Telling people that you CAN safely run ASP.Net under the System account ... (microsoft.public.dotnet.framework.aspnet.security) Re: Finding out admin username ... configured in the Security Options on the servers: ... Network access: Do not allow anonymous enumeration of SAM accounts - Enabled ... The administrator account has a set SID no matter what you rename the ... (microsoft.public.win2000.security) Have been hacked? ... Every service is a potential security threat, ... is certified and experianced to test your servers. ... change the name of the admin account and create ... log on the the server as an administrator... ... (microsoft.public.security) Risks Digest 25.73 ... German electronic health card system failure ... Risks of the Cloud: Liquid Motors ... Oakland 2010, IEEE Symposium on Security and Privacy, CFP ... A friend's facebook account was hacked recently (a neat little short-term ... (comp.risks)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)