Re: atheros chips dangerous?

---

• From: Wesley Morgan <morganw@xxxxxxxxxxxxx>
• Date: Fri, 11 Aug 2006 12:53:33 -0400 (EDT)

---

On Fri, 11 Aug 2006, Poul-Henning Kamp wrote:

In message <44DC47D7.2050908@xxxxxxxxx>, =?ISO-8859-1?Q?=22Jos=E9_M=2E_Fandi=F1
o=22?= writes:

Sam compiled those binaries, he has the source code.

And it is a matter of trust.

from the phk's comments I deduce that it was a NDA between Atheros
and FreeBSD.

The NDA is between Atheros and Sam Leffler.

In my opinion the difference is that with NDA you place trust in
a few persons (the ones with the code), whilst with open source
drivers the code can be reviewed by all people with enough
knowledge about the subject and since peer review is an important
concept in FOSS quality (and security) it would be desirable
to have free code.

While that is certainly true, I also feel that the fact that
Atheros has actively tried to work with the FOSS people to get
a good driver should be credited to them.

Other vendors have been totally impossible to work with.

I agree, the Atheros driver is fantastic. The driver may be "binary" in some ways, but I think we got the best of both worlds. The vendor is providing every scrap of information necessary without having to give away trade secrets, and FreeBSD got a driver authored by a developer who is probably one of the most qualified people in the world to work on it. I know I go out of my way to purchase and recommend Atheros-based wireless devices because of this.

Anyone who simply makes the blanket assumption that because something is "FOSS" that it gets more peer review need only to look at some of the oldest open source projects around, such as sendmail or XFree/Xorg, to realize that security problems can persist for years without being discovered.


--
This .signature sanitized for your protection
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

---

• Follow-Ups:
  • Re: atheros chips dangerous?
    • From: "José M. Fandiño"
  • Re: atheros chips dangerous?
    • From: Doug Barton
  • Re: atheros chips dangerous?
    • From: David G. Andersen

• References:
  • Re: atheros chips dangerous?
    • From: Poul-Henning Kamp

• Prev by Date: Re: atheros chips dangerous?
• Next by Date: Tom Yerex is out of the office.
• Previous by thread: Re: atheros chips dangerous?
• Next by thread: Re: atheros chips dangerous?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: FreeBSD on Eeepc 1000h ... Atheros L1 FastEthernet ... This one is second generation of L1 controller which is supposed to be ... at the moment there is no driver available? ... Note it seems that the hardware, at least AR8121, ... (freebsd-questions) Re: FreeBSD as an wireless access point ... wpa_supplicant works) that your best bet is an Atheros based card. ... You'll notice that Sam Leffler, the FreeBSD wireless guru, is one of the ... information there is pertinent to the athdriver in FreeBSD. ... (comp.unix.bsd.freebsd.misc) Re: FreeBSD on Eeepc 1000h ... Atheros L1 FastEthernet ... This one is second generation of L1 controller which is supposed to be ... at the moment there is no driver available? ... Note it seems that the hardware, at least AR8121, ... (freebsd-questions) Re: DOT11_OPERATION_MODE_NETWORK_MONITOR in NDIS 6.0 on Vista ... The card I'm using is a Linksys WMP55AG v1.2. ... the Atheros Chipset AR5001X+. ... Gianluca Varenni, Windows DDK MVP ... Vista from within an NDIS protocol driver? ... (microsoft.public.development.device.drivers) Re: best graphics card for "out of the box" ... ATI's binary-only driver. ... FOSS ATI driver. ... Nvidia has shown no ... (Ubuntu)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)