[Discuss] NAS: encryption
Richard Pieri
richard.pieri at gmail.com
Wed Jul 8 10:15:02 EDT 2015
On 7/7/2015 6:26 PM, Derek Martin wrote:
> The difference is, the software most of us rely on is open source, and
> is known to have been inspected by some very smart 3rd parties who
"Some very smart 3rd parties?" Can you actually name any of them? I
mean, can you name the specific people at Red Hat and SuSE and Debian
who have done this?
I doubt it. Red Hat and SuSE paid atsec for their EAL and FIPS testings
and the associated source code examinations. Microsoft also paid atsec
for some of their EAL and FIPS testings. As have Samsung, Apple and many
others. iSECPartners, who performed the phase 2 audit of the TrueCrpyt
source code, have also performed security audits and consulting for
Apple and Microsoft. The very smart 3rd parties who have actually
examined the open source code are the same very smart 3rd parties that
have done so with the closed source code.
--
Rich P.
More information about the Discuss
mailing list