General Discussion Sophos code review?

UTM Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 16 replies
Subscribers 8 subscribers
Views 33832 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos code review?

NewImage over 9 years ago

After the recent findings of a back door in Dual_EC surreptitiously included in Juniper's product, I was curious if Sophos has planned any audits for unauthorized code.

This thread was automatically locked due to age.

0 bloudraak over 9 years ago in reply to Scott_Klassen

I appreciate the time you took to to address my concerns and the effort you put into helping folks in the community. I was always impressed by Sophos, but the past year or so, they have tested that loyalty.

Again, may thanks.
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 9 years ago

Your welcome. I agree on the loyalty test, but for much longer than a year. Just ask folks how long wi-fi was almost unusable by many due to bugs, before it got ironed out. Before that, there was a significant period of time when the web proxy had a series of major issues. If Sophos does something well, I'll raise a glass to them, but I can also be critical of their faux-pas, of which there have been many. I still have a love for the UTM product and the other forum members.
Cancel
Vote Up 0 Vote Down

Cancel
0 William Warren over 9 years ago in reply to bloudraak

We disagree but yes we still have a very good respect for each other. Disagreement means a difference of opinion not that we cannot stand each other..:)
Cancel
Vote Up 0 Vote Down

Cancel
0 bloudraak over 9 years ago in reply to William Warren

That was understood from the beginning. :)
Cancel
Vote Up 0 Vote Down

Cancel
0 teched over 9 years ago in reply to bloudraak
Have you (everyone and anyone) acquired the relevant GPL, and similar, source code from Sophos?

It would be appreciated if someone would ask about the OSS components and code, through official channels, and share the official answer. Multiple asks can useful for consistency checks in answers and encouraging clearer documentation.

# less /doc/utm-3rd-party-licenses.txt

RPM package name/version/release/arch and license, sorted by license:

# rpm -qa --qf "%{name}-%{version}-%{release}.%{arch}\t%{license}\n" | sort -k2
Cancel
Vote Up 0 Vote Down

Cancel
0 NewImage over 9 years ago

Fortinet just had a hard-coded password discovered in FortiOS 4.3 up to 5.0.7.
Cancel
Vote Up 0 Vote Down

Cancel