[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
True. But to extend the argument, are you suggesting that because a government department has access to the source code they therefore obtained a version of MS software that did not have the security flaws, or that they used software knowing that the backdoors existed and that they themselves were knowingly (rather than inadvertently) in breach of the data protection act? It may be that HMG could claim crown immunity, but what about all the other organisations who purchase software - schools, hospital trusts, employers holding personal information about their employees in payroll software etc. Being able to audit the source code is not really the issue. The issue is that MS software is known (or at least strongly suspected) to have a "break encryption and report to NSA" function, but Linux is not known to have this "feature" (although it might). Therefore data controllers have a duty to prevent information covered by the data protection act being stored on a computer running MS software (I think). Phil On 07/12/13 13:31, Simon Waters wrote: >> This is potentially huge. > Some government certifications require source code. Simply because not everyone > has access to Microsoft source code, can you assume the UK government does not. > > The distinction here between free and non-free is quite subtle in terms of > security checks, since the GPL doesn't require you make source code available to > anyone, only those to whom you distribute binaries. Here the source code is > available to buyers with influence rather than all buyers on request. > > On the other hand the Linux kernel is probably one of the best studied pieces of > source code in history and it still throws out bugs new and old, at a fairly > decent rate, despite exceptionally good levels of code quality. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq