From: Liam Helmer (linuxlists_at_thevenue.org)
Date: Tue 02 Nov 2004 - 17:53:26 GMT
It will always remain free software.
Long Answer: Part of the security of StrongBox linux is in the fact that
all the components are digitally signed. To do this, you need to have a
CA set up and embedded into the StrongBox initrd. The basic concept
money is that I sell pre-built versions that already have a company's CA
or a StrongBox commercial CA built in (different from the free CA that's
embedded in the downloadeable copies).
The problem with a free CA is that it's currently set up that anyone can
get a certificate on-demand. This means that anyone can get a
certificate with any organization name/subject heading that they wish.
It doesn't take a rocket scientist to see the security flaws in that.
That said, it's still more secure than an OS with no digital signing
being done at all. This is the only real difference between the
commercial versions and the free versions.
The exception to this is that some of the bundles for StrongBox may end
up with 3rd party commercial software in them that requires licencing
fees and so can't be given away for free. I haven't finished any of
these yet, but it is part of my roadmap. An example of such is an deal
I'm working on with a company that does Content Management Systems,
http://www.thesmallbox.com (which, incidentally, is a cool product and
has an online demo).
On Tue, 2004-11-02 at 09:18 -0800, R. Dale Thomas wrote:
> Liam Helmer wrote:
> Liam, is this 'free software' and will it always remain such?
> Vserver mailing list
-- Liam Helmer <linuxlists_at_thevenue.org>
_______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver