[Cryptography] Yet more formal methods news: seL4 to go open source
Bill Frantz
frantz at pwpconsult.com
Tue Jun 10 19:08:52 EDT 2014
On 6/9/14 at 8:35 AM, leichter at lrw.com (Jerry Leichter) wrote:
>Consider the interaction between verification and open source.
>If you make *any* changes to a verified piece of code, you lose
>the verification. So just what does having access to the source
>buy you?
The most important value of open source, and I am thinking back
to the days when IBM published the source for its systems, is
that the source is the best documentation around. If you don't
know how to use OpenSSL, looking at the source is a big help.
Don't know what an option does? Look at the source.
GIven the terrible state of internals documentation, and all to
frequently user documentation, "may the source be with you."
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Security is like Government | Periwinkle
(408)356-8506 | services. The market doesn't | 16345
Englewood Ave
www.pwpconsult.com | want to pay for them. | Los Gatos,
CA 95032
More information about the cryptography
mailing list