RE: refactoring when using CVS

[Thornley, David]

> -----Original Message-----
> From: Noel Yap [mailto:address@hidden

> Other than theoretical attacks found by acadamecians
> (that I think were later fixed) and possibly holes
> within Visual J++, I haven't heard of any
> insecurities, can you point me to a site, please?
> 
In the US, under the DMCA, it is impossible to legally
post a proof of insecurity, and people have indeed been
sued for demonstrating that security vulnerabilities
are practical and not merely theoretical.  This means
that any company can claim perfect security, and can ignore
reported vulnerabilities by either claiming they are
only theoretical and could not happen, or by asking for
a cease-and-desist order to shut up the person showing
otherwise.

Therefore, vulnerabilities can only be properly discussed
in illegal communities, or in countries with rational
copyright laws.

Therefore, also, I have no personal faith in the security
of any product sold in the US that is not open source, and
even that is a bit iffy.

So, just remember that it will often be futile to ask
for credible sites showing insecurities, unless you are
active in illegal cracking organizations.