Re: intent of package seti@home
> I sent some email to them also asking that they consider releasing
> seti@home under the gpl, but got no answer back (yet). Maybe you might
I wrote to them as well with the weaker request, that they actually
get some people respected in the community to *audit* their code. If
I understand what it does correctly, it need not be a mathematically
inclined review - more a verification that "the math stuff over here
really does just *only* do math stuff" and then a detailed review of
the network and OS interface layer. I think I even suggested
Counterpane Systems (Bruce Schneier) as a possible auditor, though I
didn't go so far as to suggest that people would probably raise money
to have them do the work.
Recall that we have enough trouble with things like pine and imap,
which *have* widely available source, containing security compromises
(including some that were originally found with black-box tools, *not*
by reading the source.) These people appear to be scientists, and
not software engineers, though I may not be giving them sufficient
credit, they also haven't demonstrated it either.
Since I haven't heard from them either, I'll probably continue to
ignore them, and start doing mersenne.org crunching. (I only did a
little of that, after helping out with RSA-129 - a 486/40 with 16M
doesn't do much good, but it has been upgraded since, I have some more
machines now, hmmm.)
_Mark_ <eichin@thok.org>
The Herd Of Kittens
Reply to: