Slashdot Mirror
Brian Behlendorf Interview
Robert McMillan writes: "Linux Magazine has an interview with Brian Behlendorf where he talks about what he's up to at Collab.net, and reminisces about the good old days at Wired. Did you know that he registered the macdonalds.com domain?"
It does not surprise me in the least that companies such as McDonald's, a few years ago, would not even know what registering a domain name means. The truth is that today most big companies make a Web site (because everybody does it) but more often than not it is absolutely pitiful.
Web sites for big business often have the following characteristics:
It is funny that those big companies pay so much for PR services that cannot even understand:
It is interesting to note that after a few years of experience with the Minitel in France, the successful Minitel sites had the following characteristics:
I guess that corporations do not learn from experience sometimes.
The only other common option is Solaris/Netscape, so where does Apache fit in?
;)
;)
BB came to meet with our company's developers and server jocks and discuss collab.net as an outsourcing model, and had some interesting things to say about his former employer, C2net.. He basically said that when Stronghold came out there was really no useful, viable SSL for Apache (he's right: SSL support at the time was difficult and tenuous IMHO). Then mod_ssl came along and out of the gate it was (his words) like 60% of Stronghold's speed/reliability/usability, and it increased rapidly, then surpassed Stronghold. The only reason to buy Stronghold/RedHat/Raven is for the US privilege of a licensed copy of R$A. C2 started deluding itself regarding the value of its proprietary software/features, and BB (rightly) bailed.
BTW, I had a chance to ask a couple of Qs to Dr. Eugene Spafford of Tripwire (he cowrote COPS, Tripwire, Practical Unix and Internet Security) yesterday, at a demo/pitch for Tripwire and some related security software (think MetaDirectory for ISS/FW-1/Nessus, etc). He was pretty down on OSS as a security solution, stating that the most secure software comes from small teams of competent designers and coders. While this may be true, I then asked him that given that almost any system can be penetrated, which system provides the best response (open or closed)? He said that it was dependent on the vendor, then proceeded to tell us that we should only select software vendors that implement high-quality security designs. I then also mentioned that, as a die-hard cynic, UCITA would probably become the best asset Open Source ever had, should it pass, since OSS provides the source and concrete licensing terms that are user and developer friendly, and corporate IT would then need to take EULAs extremely seriously. He said (to the effect) that I was being a bit glib, which is correct.
The upshot: putting aside the whole issue of objectivity (his bread is partially buttered by closed-source security solutions) I think our disagreement basically fell down along academic/engineering lines. He basically said that, in an ideal world, closed-source software would provide the most secure solutions. I'm not qualified to really argue that point, but I _am_ qualified to say that in the _real_ world, there are enough issues with availability, accountability and talent in the closed-source world that open-source moves ahead in terms of rapid response fixes and peer/quality review. When I asked him about the patch issue, he said, essentially, that responsible software companies can have patches out faster than OSS projects. My one word rebuttal: Microsoft. He really didn't have any further comment
I respect his opinions and expertise, but I feel that where the rubber meets the road, some of his preconceptions are off-base.
Your Working Boy,