Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

For security-critical or sensitive situations, auditability should be a requirement. That implies access to source code and capabilty to build it.

Decisions like these need to be done from first principles. SharePoint shouldn't even have been a contender here if looked at seriously. Do your own homework.



Think you answered just about everything except the question asked


I think this guy wants OpenBSD running on a POWER-based Mainframe at every governmental organization.


Well, if you can't manage text emails with BSD mailx from the CLI, you probably shouldn't be working on nuclear weapons in the first place...


> For security-critical or sensitive situations, auditability should be a requirement. That implies access to source code and capabilty to build it.

Vendors can be accountable without providing source code, for example through contracts specifying performance.

I don't know how large Sharepoint's source is, though it has many components and I assume there is quite a bit of code. Auditing the source code of something like Microsoft Office seems almost impossible.

> first principles.

What does that mean in this context?


Doesn't Microsoft have government programs that grant source code access for products like Windows and (probably) SharePoint?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: