Re: atheros chips dangerous?

In message <44DC47D7.2050908@fadesa.es>, =?ISO-8859-1?Q?=22Jos=E9_M=2E_Fandi=F1
o=22?= writes:

>> Sam compiled those binaries, he has the source code.
>> 
> And it is a matter of trust.
>
>from the phk's comments I deduce that it was a NDA between Atheros
>and FreeBSD.

The NDA is between Atheros and Sam Leffler.

>In my opinion the difference is that with NDA you place trust in
>a few persons (the ones with the code), whilst with open source
>drivers the code can be reviewed by all people with enough
>knowledge about the subject and since peer review is an important
>concept in FOSS quality (and security) it would be desirable
>to have free code.

While that is certainly true, I also feel that the fact that
Atheros has actively tried to work with the FOSS people to get
a good driver should be credited to them.

Other vendors have been totally impossible to work with.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"