[MLUG] Study: Open source poses security risks (???)

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: MLUG membership <EMAIL:PROTECTED>
Subject: [MLUG] Study: Open source poses security risks (???)
From: Mike Miller <EMAIL:PROTECTED>
Date: Wed, 5 Jun 2002 17:37:24 -0500 (CDT)
Reply-to: EMAIL:PROTECTED
Sender: EMAIL:PROTECTED

The article below sounds like the same old song and dance to me.  The
problem, as I see it, is that *software* poses risks.  Of course
open-source poses security risks, but so does proprietary software (viz.,
most any M$ product).  What about in-house products written under tight
security and supervision?  Well, even if the coding team can get past the
occasional disgruntled employee, they have the problem of debugging.
It's basically impossible to know that there are no security holes in a
software product.  Therefore, open source is best because it is the most
thoroughly tested and examined code available.  One man's opinion.
--Mike

P.S.  Let's not quote this *whole* thing in every reply!!  ;-)

--------------------------------------------------------------------------


http://zdnet.com.com/2102-1104-929669.html

ZDNet (UK)
May 31, 2002

Study: Open source poses security risks

By Matthew Broersma

A conservative U.S. think tank suggests in an upcoming report that
open-source software is inherently less secure than proprietary software,
and warns governments against relying on it for national security.

The white paper, Opening the Open Source Debate, from the Alexis de
Tocqueville Institution (ADTI) will suggest that open source opens the
gates to hackers and terrorists.

"Terrorists trying to hack or disrupt U.S. computer networks might find it
easier if the federal government attempts to switch to 'open source' as
some groups propose," ADTI said in a statement released ahead of the
report.

Open-source software is freely available for distribution and
modification, as long as the modified software is itself available under
open-source terms. The Linux operating system is the best-known example of
open source, having become popular in the Web server market because of its
stability and low cost.

Many researchers have also suggested that since a large community
contributes to and scrutinizes open-source code, security holes are less
likely to occur than in proprietary software, and can be caught and fixed
more quickly.

The ADTI white paper, to be released next week, will take the opposite
line, outlining "how open source might facilitate efforts to disrupt or
sabotage electronic commerce, air traffic control or even sensitive
surveillance systems," the institute said.

"Computer systems are the backbone to U.S. national security," said ADTI
Chairman Gregory Fossedal. "Before the Pentagon and other federal agencies
make uninformed decisions to alter the very foundation of computer
security, they should study the potential consequences carefully."

--
To unsubscribe, go to http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/

Follow-Ups:
- Re: [MLUG] Study: Open source poses security risks (???)
  - From: Mark Haidekker <EMAIL:PROTECTED>
- Re: [MLUG] Study: Open source poses security risks (???)
  - From: Michael <EMAIL:PROTECTED>

Prev by Date: [MLUG] Linux based Internet Appliance
Next by Date: [MLUG] simile virus
Previous by thread: Re: [MLUG] Linux based Internet Appliance
Next by thread: Re: [MLUG] Study: Open source poses security risks (???)
Index(es):
- Date
- Thread