"correcting" transactions

Mike or Penny Novack stepbystepfarm at mtdata.com
Sat Feb 22 09:29:58 EST 2014


>
> Oh yeah, and, in case I didn't mention it above, I have been 
> programming since 1981 when I started using dBASE II under CP/M.  I 
> won't count the work I did from August, 1977 when I bought my first 
> computer, a Radio Shack Model I, until I bought dBASE II, running it 
> under several RS Model II computers running CP/M instead of TRS-DOS 
> (kinda like my running Linux since about the mid 90's instead of MS 
> Windows).

You are confusing what I said. And if you do have programming experience 
you shouldn't have.

I was NOT saying open source meant "insecure" in the sense of the 
examples you gave. That the program implementing an encryption algorithm 
is open source has nothing to do with the security of the algorithm 
itself. But it does mean that I (or you if a programmer) could easily 
write our own implementation that in addition to doing what the open 
source encryption algorithm did ALSO did something else or failed to do 
some minor thing related to the overall security of that encryption 
program (like maybe it had an additional piece to check for a weak key 
being used -- that could be disabled without changing how the program 
encrypted or decrypted but would make the overall system less secure for 
anybody using it). THAT is why an encryption program should be open 
source, so that it can be examined to check that it isn't doing 
something ELSE "on the side".

Are you saying that as a programmer, given that gnucash is open source, 
and if gnucash had this proposed "lock" that you say would make it 
secure, you would be unable to write your own slightly modified version 
of gnucash where this check against the lock did nothing if the 
condition were violated? You could use that special version to make the 
disallowed change. In other words, you would be able to get around this 
lock.

Michael

PS: I am not even saying that a naively written check of this sort would 
necessarily be secure even in non-open source software. But open source 
means any competent programmer could do it, not just one capable of 
working at the machine code level and armed with tools like a "monitor" 
program.

