>> But let me put the burden of proof back on you. Can you name a single
>> acknowledged security expert who says "the first rule of security is not
>> to talk about security". I can find plenty who say the opposite.
>
> I believe all Lothar was trying to say is that on an academic level it's
> very right and proper to talk openly about security concepts, practices,
> etc and to learn from each other, but as a commercial company hoping to
> protect IP it's probably not wise to go about volunteering information
> about your specific security mechanisms.

"protect security IP", wth is that supposed to mean?
If somone refuses to tell me how they implement security, I'm not going
to believe them it's secure.

+--- Kero ------------------------- kero@chello@nl ---+
|  all the meaningless and empty words I spoke        |
|                       Promises -- The Cranberries   |
+--- M38c --- http://members.chello.nl/k.vangelder ---+