Originally Posted by
matsp
Not to mention that it doesn't take a lot of skill to understand some assembler code and from that derive a rough sketch of what the code looks like in the original source. If we combine that with some understanding of where the security hole may be located, it is likely that we can find the hole without an enormous amount of effort. Of course, traipsing through tons of disassembly is slightly more complex than doing the same with tons of source code, but it is not sufficient to make one secure and the other insecure in and of itself.
--
Mats