Re: atheros chips dangerous?

On Fri, 11 Aug 2006, Poul-Henning Kamp wrote:

In message <44DC47D7.2050908@xxxxxxxxx>, =?ISO-8859-1?Q?=22Jos=E9_M=2E_Fandi=F1
o=22?= writes:

Sam compiled those binaries, he has the source code.

And it is a matter of trust.

from the phk's comments I deduce that it was a NDA between Atheros
and FreeBSD.

The NDA is between Atheros and Sam Leffler.

In my opinion the difference is that with NDA you place trust in
a few persons (the ones with the code), whilst with open source
drivers the code can be reviewed by all people with enough
knowledge about the subject and since peer review is an important
concept in FOSS quality (and security) it would be desirable
to have free code.

While that is certainly true, I also feel that the fact that
Atheros has actively tried to work with the FOSS people to get
a good driver should be credited to them.

Other vendors have been totally impossible to work with.

I agree, the Atheros driver is fantastic. The driver may be "binary" in some ways, but I think we got the best of both worlds. The vendor is providing every scrap of information necessary without having to give away trade secrets, and FreeBSD got a driver authored by a developer who is probably one of the most qualified people in the world to work on it. I know I go out of my way to purchase and recommend Atheros-based wireless devices because of this.

Anyone who simply makes the blanket assumption that because something is "FOSS" that it gets more peer review need only to look at some of the oldest open source projects around, such as sendmail or XFree/Xorg, to realize that security problems can persist for years without being discovered.


--
This .signature sanitized for your protection
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: FreeBSD as an wireless access point
    ... wpa_supplicant works) that your best bet is an Atheros based card. ... You'll notice that Sam Leffler, the FreeBSD wireless guru, is one of the ... information there is pertinent to the athdriver in FreeBSD. ...
    (comp.unix.bsd.freebsd.misc)
  • Re: DOT11_OPERATION_MODE_NETWORK_MONITOR in NDIS 6.0 on Vista
    ... The card I'm using is a Linksys WMP55AG v1.2. ... the Atheros Chipset AR5001X+. ... Gianluca Varenni, Windows DDK MVP ... Vista from within an NDIS protocol driver? ...
    (microsoft.public.development.device.drivers)
  • Re: onboard NIC: Attansic L2 [SOLVED]
    ... Chris Shook of Redhat has contacted me and asked me to check the multi-booting ... Atheros L2 driver for all OS's that needs it. ... installing Attansic drivers and Atheros drivers in a multi-boot ...
    (Fedora)
  • Re: airlink 101 usb wireless ethernet card
    ... kernel 2.6.15 ... Check http://madwifi.org/ and their madwifi driver for the ... Atheros chip. ... I use the driver for both the Airlink101 Super G PCI card ...
    (comp.os.linux.hardware)
  • Re: best graphics card for "out of the box"
    ... ATI's binary-only driver. ... FOSS ATI driver. ... Nvidia has shown no ...
    (Ubuntu)