Date: Fri, 11 Aug 2006 10:46:19 +0200 From: =?ISO-8859-1?Q?=22Jos=E9_M=2E_Fandi=F1o=22?= <jm.fandino@fadesa.es> To: freebsd-security@freebsd.org Subject: Re: atheros chips dangerous? Message-ID: <44DC43DB.5060904@fadesa.es> In-Reply-To: <19518.1155238010@critter.freebsd.dk> References: <19518.1155238010@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Poul-Henning Kamp wrote: > In message <20060810130331.X94142@3jane.math.ualberta.ca>, Barkley Vowk writes: > >>On Thu, 10 Aug 2006, Poul-Henning Kamp wrote: >> >>>The Atheros driver in FreeBSD is maintained and compiled by Sam Leffler, >>>who has been around since BSD 4.2 in the early eighties sometimes. >>> >>>I trust Sam. >> >>I don't think that quite answers his question however. Its not so much a >>matter of trusting Sam, but a matter of trusting that Sam had enough >>access to the binary objects in question to have eliminated the errors in >>them. > > Sam compiled those binaries, he has the source code. > > And it is a matter of trust. from the phk's comments I deduce that it was a NDA between Atheros and FreeBSD. In my opinion the difference is that with NDA you place trust in a few persons (the ones with the code), whilst with open source drivers the code can be reviewed by all people with enough knowledge about the subject and since peer review is an important concept in FOSS quality (and security) it would be desirable to have free code. this answers to my question, thanks you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44DC43DB.5060904>