Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: : More on Pentagon Open-Source Fight

From: David Farber <dfarber () earthlink net>
Date: Thu, 23 May 2002 08:43:55 -0400

-----Original Message-----
From: "Tim O'Connor" <oconnort () nyu edu>
Date: Thu, 23 May 2002 08:28:34 
To: dave () farber net
Subject: More on Pentagon Open-Source Fight


Dave Farber's message quoted a WashPost article:


Microsoft also said open-source software is inherently less secure
because the code is available for the world to examine for flaws,
making it possible for hackers or criminals to exploit
them. Proprietary software, the company argued, is more secure because
of its closed nature.

"I've never seen a systematic study that showed open source to be more
secure," said Dorothy Denning, a professor of computer science at
Georgetown University who specializes in information warfare.


It is regrettable that Microsoft sinks to the "security by obscurity" 
defense, and that this is the reactive quote to follow.  (At least
they allowed Gene Spafford to get a word in.)  

At the heart of it, anyone who has done development of sensitive
applications knows that peer review makes your product stronger, not 
weaker, something Phil Zimmerman admits regarding his pre-PGP encryption 
attempt!

The pointed question to be posed to Microsoft's foot soldiers is:
Where did MS post the source code to their mail software?  Because
that shadowy legion of evil guys Out There sure must be reading it 
closely, to have developed so many hacks against it.  How would most of 
us spend large parts of our days, if we didn't have the privilege of 
scraping out of our mailboxes the dregs of worms and viral stubs that 
(if we're lucky) have been defanged by our SMTP gateways?

--tim o'connor

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Tim O'Connor                                        tim.oconnor () nyu edu
New York University
Information Technology Services                   Phone: (212) 998-3024
Technology Security Manager, Office of the CITO     Fax: (212) 995-4929
10 Astor Pl., New York, NY 10003

For archives see:
http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: