Slashdot Mirror
'Think Tank' Issues Microsoft-Funded Troll
dlur (among many others) writes: "According to this ZDNet article, a Washington think tank known as the Alexis de Tocqueville Institution is soon to release a study stating that Open Source Software allows terrorists an easy time hacking into our systems. It's little suprise that this group takes money from Microsoft."
The Register's story
is good too.
All the whoring reports in the world won't make open source any less secure. This same institute backed destabilizing, unworkable '80s missile defense
and thinks Alexis de Tocqueville would have wanted the
V-22 Osprey deathplane.
Also, see what their coin-operated policy dispenser spat out for
internet privacy
(eat what you're fed) and
antitrust
(advantage of Microsoft monopoly: "manufacturers of computer hardware need to provide only one
driver").
We weren't going to run this, but there were a lot of submissions, so ...
It seems to me that when software is created by "hackers" and made by "hackers" that they would as a team know what to do to make the software as hackerfree as possible. By making a product open source, it is only sensible that it is then open to be studied by hackers and exploited by malicious hackers but at the same time, just as genius "white-hat" hackers can quickly repair these security flaws thus keeping the software secure. So, how then can it be possible to say that Open Source is more hacker prone than proprietary software? Beats me
"This same institute backed destabilizing, unworkable '80s missile defense and thinks Alexis de Tocqueville would have wanted the V-22 Osprey deathplane."
Nice to see no politics being spouted here.
What I do not understand is why there aren't any similar groups for the OpenSource / non-Darkside avocations.
If MS can fund groups such as these to spill forth what is obviously [then again, not much is obvious it seems to the 90% of the population] utter trash, surely we [ non-MS ] can do the same.
If this group spills out such toxic waste words as these, why does it gain so much attention in the general public?
Is there any reason why we cannot write an article stating "Microsoft Closed source enables Terrorists to easially render 90% of the information market paralized"... (after all, there is far more 'hard' evidence in the form of email-worms etc than there is behind what has been written in this article).
They're not running their touted monoculture on their own web servers!
"My opinions are my own, and I've got *lots* of them!"
Read that last sentence again - it's a thousand-pound gorilla.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Hacker making software knowing more to stop hackers is such bullshit. Most hackers that use the term like that can't code their way out of a wet paper bag. Saying hackers would make better code is fine, but get a clue that when you use the term "Hacker" no matter how you mean it the mainstream media will always see it as "EVIL" period. No one but the people that profess that hacking is a cleaver way to solve a problem think that it means a way to solve a problem. So what is that 5% if your lucky? Hell they even get pissed when someone else says it if they are not "hackers".
For the love of Pete, everyone else hears hackers making software know how to protect you from the hackers, err sorry crackers, er wackers, black hat, grey hat, white hat, red hat, tinky winky hat...ahh hell you know the "bad hackers" are going to do it also and make us pay. BAh...Your going to code a back door I know it. To push the point they will point to the C compiler...eww but the was to prove a point right?!
Slashdot and the legions of ethical hackers need to learn that the word hacker will forever be seen in the eyes of 90% of the world as bad. Plus no one is going to believe that a bunch of people coding for free is going to not do something devious to make money, despite what you may really do. Those same 90% of the world that see hacking as a bad word also believe people don't work for free. I guess that guy that just loves to dig ditches because it is fun is shit out of luck, because really he is not scoping out anything to steal.
-4 anti-karma whore, I will enjoy the mod-down as you just can't help but to hate the truth.
Neck_of_the_Woods
#/usr/local/surf/glassy/overhead
I agree. I worked at the same plant during the late 80's and early 90's. One crash was due to the fact that a plug was not idiot proof and was plugged in upside down causing the controls to respond opposite to what they should. Another was caused by a test pilot pushing the aircraft beyond its limits.
A real problem was that some administrations wanted the project and others did not. This caused Boeing and Bell to have to produce a production version before it was really ready. Our pay "Tricky-Dick" Cheney was responsible for that.
I think if the government had decided to build the plane and accepted reasonable schedules, a lot of this misfortune could have been avoided.
If you had ever seen one operating up close, you'd probably be impressed. It's a friggin cool airplane!
I want to be alone with the sandwich
Who cares what a "Think Tank" says?
Why does this organization get any press anyway? What exactly is a think tank, and what credentials does it have? I mean, is this anything more than an organization dedicated to producing biased press releases?
The organization's mission statement is completely devoid of meaning.
"Since 1988, the Alexis de tocqueville Instition has studied the spread and perfection of democracy around the world. In this, we follow the principles of Tocqueville himself... At the root, perhaps, is a populist belief in the basic goodness, perfectability, and nobility of mankind and of the human community...Operationally, adTI strives to emulate what one scholar has termed Tocqueville's 'omnicurious style of journalism."
Say what? I mean, read the whole mission statement. It says absolutely nothing using a lot of jackoff big words. I don't get what any of it has to do w/de Tocqueville, a french author who reported on US culture a hundred fifty years ago.
The fact that MS is funding this-- WHO ARE THESE GUYS?! I mean, why would anyone even CARE or bother reporting their opinion?
Sometimes I think these organizations exist soley to have their representatives on talk shows and to have a semblance of a structure from which to spew their opinion.
So far NSA's advocacy has been used to let me get away with all kinds of open source implementation.
And don't imagine that the folks in Redmond don't realize that. They've had their lawyers trying to pressure the DoD to stop the project (the usu arguments we've seen them use w/other gov'ts... it shows favoritism, etc.).
I don't know if this true but I read in a recent ask slashdot that microsoft will show its source code to anyone who can afford it. The source code could easily get stolen and could eventually wind up in terrorist hands. So it would be no better than open source.
Democracy Now! - your daily, uncensored, corporate-free
I'm sorry to be a party-pooper, but where's the evidence that they take money from Microsoft? The ZDNet article says nothing about that, and the talkback comments (at least the few dozen that I read) provide no evidence along those lines, either. The Register says that Richard Smith says that they take money from Microsoft, though they present no evidence along those lines. Smith's a cool guy and all, and he's got a good track record, but I'm going to need a little more than a second-hand non-credited reference to believe this.
I did a little poking around and a little Googling, but was unable to come up with any evidence on my own.
So, please, could somebody enlighten me?
-Waldo Jaquith
Google search for al qaeda and linux
Those search results speak for themselves on who helps terrorists.
The previous has been a secret message to my comrades.
This group also claimed, during Congressional probes into tobacco company fraud, that cigarettes and tobacco products were not harmful to your health. From this memo by a director of the World Health Organization:
l ous.htm
"In addition to creating front groups and contributing funds to groups that have a mission broad enough to carry some of the tobacco industry's goals, the tobacco companies also use publications by allegedly independent think tanks, such as the Virginia-based Alexis De Tocqueville Institution. This group's 1994 report "Science, Economics, and Environmental Policy: A Critical Examination" criticizes the US Environmental Protection Agency's risk assessment methods in 4 areas: environmental tobacco smoke, radon, pesticides, and hazardous cleanup. It dismisses in its first chapter the agency's risk assessment of environmental tobacco smoke, using arguments similar to the tobacco industry's "junk science" arguments described by Ong and Glantz. "
It seems Microsoft is making some strange bedfellows.
Sources:
http://www.smokefreeforhealth.org/studies/YachBia
ZDNet Post
that thinkthank is very pro-republican. very, very pro republican. Read more into the site, you'll see it, all the pro defense and pro bush comments. Or maybe i have selective sight(Not being sarcastic, i may actually only see what i want to)
"Humanize war? You might as talk about humanizing hell!" -- British Admiral Jacky Fisher
"The white paper, Opening the Open Source Debate, from the Alexis de
.. closed source is NOT a "Gate" that blocks
h tml
r ticles/A600 50-2002May22.html
.gov likes it just fine ;-)
Tocqueville Institution (ADTI) will suggest that open source opens the
gates to hackers and terrorists."
My $0.02:
... First of all, there ARE NO GATES! All software contains bugs,
sometimes exploitable.
hacking... yes, exactly: nimda, codeRed, klez, iloveyou, and just about
every other "virus" reported in the last two years... blah blah blah...
...shitty analogy...
See: Publications and Accomplishments
http://www.adti.net/pubsaccomps.
They don't exactly seem to be experts in any field of computers,
networks, or security that I can tell. They did some reports for more
traditional defense related topics several years ago, but thats it. They
are however, very good at reporting on controversial issues, mainly
politcal in nature. Hmmm..
Here's a question. Of the total number of security problems reported
regarding closed vs. open source products, what percentage were
pre-emptive fixes reported by whitehats, v.s. those exploited and thus
forced to be officially reported?
My point is... a bug is a bug, but it's a hell of a lot better if it's
patched before it's ever exploited. So it's totally wrong to look purely
at # of reported security problems in product XYZ. I would expect an
open source product to have a significantly higher # of reported
problems. That's a good thing IMO, since that means there's less of them
lurking.
The bottom line: Everything has bugs. More eyes, less bugs. More secure.
Simple. Now would someone try and explain that to these anti-open-source
nitwits?
Oh, and may I point out: (already reported)
http://www.washingtonpost.com/wp-dyn/a
http://www.nsa.gov/selinux/
It seems like our
-Mark Renouf
Complete Bonk.
Open Source is more secure as the problems are fixed faster than closed source, proprietary systems.
All software, closed and open have vulnerabilities.
However, you can't PROACTIVELY peer review and fix closed proprietary software continuously, unlike open source software.
Since you cannot proactively secure closed software, who in God's name would believe such a completely ludicrous report?
God help us ALL if anyone takes those sorts of arguments and so called "studies" seriously.
-Hack
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
Suppose they're right, and OpenSource is easier to hack. Doesn't fixing the bugs count? Would you rather wait for MS to admit the bug, fix the bug, release the fix, etc. or let all the open source crowd fix it in an hour?
;-)
(i submitted this story monday morning, and it was rejected....oh well
This story just might wind up biting Microsoft in the ass; if the rest of the sharks in the press start smelling blood in the water.
- Alexis de Tocqueville
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
The three biggest lies redux,
smoking is good for you, windoze is secure, the check is in the mail
This is more than just script kiddies. Open source is good against script kiddies. That may simply be its low radar profile more than anything, but it could be the open source community finding bugs as well.
But when people are interested in more than general vandalism, it becomes a different story. If I need to hack something that is open source, I check out the source, and look for buffer overruns and what not. It's hard for the very popular stuff, but for most programs, a bug is easy to find. And even for the more popular stuff, there are always holes to be found if you expend enough effort looking.
For very popular closed source programs, the first thing to try is the online community. Someone somewhere has something. For companies like Microsoft with poor security reputations, and lots of people trying to hack them, there is actually a lot.
But if you have to figure out a bug yourself, it's time for buffer overflow testing, reverse engineering with a hex editor, and what not.
So which is harder?
I'd say hacking into popular open source programs is the hardest. However, hacking into unpopular open source programs is the easiest. There is a range of security considerations, and it is always possible for evil people to find your vulnerabilities if they have enough resources.
i seem to recall the 9/11 dudes communicating with hotmail accounts on windows machines.
wasn't this a tragedy that closed source could have prevented?
Similarly, closed source is often an attraction to developers (and higher quality developers) to work harder to produce better products, but just because source is closed doesn't necessarily make it better. There are examples of crap software on both sides of the fence. Everybody likes to get something for free, though, and often that's all it takes to "sell" a crap piece of open software, even if it's at the expense of the closed source innovator.
One thing's for sure: open source feeds off the innovation expressed in closed source projects. Any dramatic (as in revolutionary) world-wide transition from closed source to open source has a good chance of producing tremendous unemployment in the software development arena.
Open source advocates are promoting their own unemployment, if they actually intend to earn a decent living off software development. (As long as all of their intellectual property is not open, companies like Apple will continue profit, though, because Apple makes most of its money off selling proprietary hardware).
The loss of employment may happen indirectly: one developer may effectively destroy another's job by undermining the other's livelihood, but what goes around eventually comes around.
This is one key point I haven't seen brought up yet. In open-source projects, the weaknesses and strengths are well-known and allows for well educated implementation decisions - less risk. With closed-source operations, the weaknesses of the software are known by less people which makes those weaknesses a bit stronger because of the "security by obscurity", but there lies the greatest weakness - the additional security is dependent on people. The people that implement it, develop it, maintain it. The people that are 1) not employed by government (likely a greater security risk) 2) building the software for money (possibly more willing to accept a bribe). Depending on the knowledge known by the person bribed, the exploit could extremely deadly and unpredictable the consequences - more risk.
This just makes me sick. I've read Alexis de Toqueville's Democracy in America several times, it's one of my favorite books. He considered unchecked capitalism a serious threat to participatory democracy. How vile for an organization to sully his name with drivel like this report.
I'm no MCSD, MCSE, or MCDBA (yet!), but I'm very involved in the MS developer community - in particular the .NET community. I go to the Redmond campus at least once a month and know quite a few people that work there. What's interesting is most "MS Tech Geeks" aren't generally anti-OSS and many actually have experience with Linux and other OS's. Sure, there's also a large group that's feeds off of MS dogma but the rest aren't really all that bad. There really are a lot of smart people that either work for MS or primarily work with MS technology that get quite frustrated atMS's marketing FUD. We're all educated (in theory) enough to make our own decisions based on the MERIT OF THE TECHNOLOGY. We don't need restrictive licenses, stupid marketing FUD, or silly gimicks like 100 page color brochures sent to our houses every day. Marketing and PR types can make the image of a company, however, they generally break the image of a company in the eyes of techies which employ simple FUD avoidance algorithms.
I have certain critiques about OSS, moreso GPL's based licenses and less so BSD based licenses, but I'm not about to agree to this "OSS will increase terrorism" BS. Come on MS (et all), STOP TREATING US LIKE IDIOTS!
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
A problem is that nowadays pretty much all computer owners are admins. With always on connections like DSL, everybody's at risk.
And since good security is pretty hard to understand and implement properly because it involves so many issues, most people really don't even have time for it. I personally have shut down all the services in my system, and I believe that's what 90% of all home users should do. I wonder why no distro I've seen offers to do this when installing. It would help eliminate a lot of problems.
this is all what Perestroïka and Glasnost attempt were about: opening the system just enough to break from the "frozen age", instituted by Brezhnev and continued by Andropov and Tchernenko.
In fact, Khroutchev knew what would happen to USSR since the 60's, it was written in the rock. When he tried to develop agriculture and housing to provide food and housing to every sovietic, and failed (they had to buy wheat to the US...), they knew their system will die, because it wasn't economically efficient, and not only in the computer area. I've been there, and can tell u that not only communist "computers" are funny (ever seen the inside of a Russian spaceship a soyuz or whatever ?), but, moreover, their housing is a nightmare, falling apart and so.
Brezhnev and Company attempts were just to keep the dictature up for a bit more time, so that they keep their power a bit more time.
Gorbatshev was young, he knew it couldn't last for decades, so he HAD to change the system. (btw, China DID change it in the same way, using "Market Communism")
From the 70's on to the 80's, the main occupation of sovietic people was to look for food, and clothes and so, NOT to work. Imagine their lives, going every morning to their work for a few hours, with their bag "in case" they find something to buy - anything, clothes, food, shoes, whatever.
In all that disaster, all the stuff about Reagan's "Star Wars" is simply a joke. Karol Wotjyla and Lech Walesa did more for the end of the Soviet Empire than Ronald Reagan.