Slashdot Mirror

← Back to Stories (view on slashdot.org)

CCIA Urges Dept. of Homeland Security to Avoid Microsoft

Posted by CowboyNeal on from the friendly-advice dept.

An anonymous reader writes "The Inquirer has posted an article reporting that the Computer and Communications Industry Association (CCIA) has urged the US Department of Homeland Security, in an open letter to Tom Ridge, secretary of the department, to avoid using Microsoft software because Microsoft's software is 'riddled with obvious and easily exploited vulnerabilities.'"

3 of 413 comments (clear)

  1. and in other news... by Anonymous Coward · · Score: 5, Insightful

    The Department of Homeland Security continues to use Microsoft products despite massive flaws, just like everyone else for whom familiarity is more important than actual security.

  2. Re:Pretty obvious by ch-chuck · · Score: 5, Insightful

    So ships are not important. I see.

    Favorite line: "Although Unix is more reliable, Redman said, NT may become more reliable with time"

    I live in that area, and there are a LOT of Msft job openings requiring security clearance these days.

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  3. What are the Impartial Objectives? by cait56 · · Score: 5, Insightful

    It would be totally inappropriate for a goverment agency to blacklist a specific vendor without going through extensive hearings. That does not mean that they should not consider the vendor's history when evaluating each purchase. For the anti-MS crowd that means that they should reject each MS product individually.

    More seriously, they need to evaluate what their software requirements are. I strongly suspect that they need software which will:

    • Not expire: We are going to reach a point where terrorism is not a "hot button" item, and the spending will slack off. Eventually there will be another attack. The software purchased now has to work four years from now, even if the individual participating agencies have upgraded their hardware in the meantime.
    • Platform independent: The federal government should not be telling local police departments what type of equipment they need. If they do, we'll end up with some equivalent of having to keep an old 286 running in the corner to deal with Homeland Security. Or on the flip side, some police department that relies on donated leftovers won't be able to run the latest software.
    • Auditable: The code used for this software must be reviewable, preferably by the widest audience possible. Escrow is the absolute minimum for all source code involved. Open Source certainly qualifies, but technically the department does not need to have the right to modify the software itself. And in fact might need to keep any modifications that it keeps confidential. (Not that I really think that the GPL would deter anyone in the Bush Administration from doing something for "national security" -- I mean the Constitution doesn't.)