[BBLISA] How would you address this?

Bob Keyes bob at bawia.org
Sat Feb 18 17:44:28 EST 2006



On Sat, 18 Feb 2006, Michael Tiernan wrote:

>    "Think you [could] use strings(1) on the binary to find the
> location of the file name and emacs to edit the binary (Of course, the
> new name has to be no longer than the old one)."
> No, really, I considered it. The reality is, that when other people
> have to depend on our work, doing something like this taints all the
> results generated by the software in addition to voiding any warranty
> that might have existed. (As a side note, it probably breaks two or
> three laws AND puts you dead center in the liability issue.)

Bravo! I used to that type of sysadmin, too proud and territorial to let
some vendor their impose their broken standards on my systems. Seven or
eight years ago, I might have actually gone into their code and hacked it
to act the way I thought it should, and most likely turned off their
copy-protection scheme while I was at it, just to be a wise-ass. These
days, however, I would just look at such a requirement as theirs and tell
my boss, "This violates our corporate standards and therefore presents a
maintainability problem. It will require more work to maintain, and will
be more prone to failure. Is there an alternative we can use that does not
have this problem?" - and let the boss tell the software vendor that the
company is investigating competing products because of their so-called
security requirement. Perhaps there is no way around the problem. But
you've warned the boss and covered your backside.




More information about the bblisa mailing list