Slashdot Mirror


Is Open Source Fertile Ground for Foul Play?

jsrjsr writes "In an article DevX.com entitled Open Source Is Fertile Ground for Foul Play, W. Russell Jones argues that open source software is bad stuff. He argues that open source software, because of its very openness, will inevitably lead to security concerns. He says that this makes adoption of open source software by governments particularly worrisome. In his words: 'An old adage that governments would be well-served to heed is: You get what you pay for. When you rely on free or low-cost products, you often get the shaft, and that, in my opinion, is exactly what governments are on track to get.'"

40 of 723 comments (clear)

  1. Wow by daeley · · Score: 5, Funny

    Igniting flame war in 5...4...we have main engine start...3...2...ignition!...1...

    --
    I watched C-beams glitter in the dark near the Tannhauser gate.
  2. Ahhh.. by Jeremiah+Cornelius · · Score: 5, Funny
    An article-length Troll.

    The whole thread that will light-up in response to this old chestnut!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  3. PLOFIT! by Anonymous Coward · · Score: 3, Funny

    1) Write bogus article that will enrage slashdotters. Slashdot, being knee-jerk as it is, posts it to the front page.
    2) Get a bazillion hits.
    3) PLOFIT!

  4. He might be right. by AtariAmarok · · Score: 2, Funny

    He might be right. If governments switch from Windows to open-source OS, they might open their computers to the possibility of being infected by worms, virii, and trojans.

    --
    Don't blame Durga. I voted for Centauri.
  5. 'You get what you pay for' by Raindance · · Score: 4, Funny

    Netcraft says that his server (running IIS) has only been up for 2 days.

    I wonder if he's getting what he paid for.

  6. Re:Sounds like someone trying to by controversial. by Anonymous Coward · · Score: 5, Funny

    Wow, an insightful first post.
    This day will go down in history.

  7. Whos to say what someone implements? by lake2112 · · Score: 2, Funny

    The problem with Open Source is that there are no controls as to what someone may program. You know I've seen WarGames I know what a back door is. Also a question of accountability. I hate to say it but for some things I am forced to trust Microsoft, not because of the quality of the work but for the accountability that they are held to. They have to make a semi-reliable and safe system or else they got out of business. This insures the proper cycle of software development and testing.

  8. Vulnerable? by Anonymous Coward · · Score: 3, Funny

    He argues that open source software, because of its very openness, will inevitably lead to security concerns.

    Well, thankfully Windows is closed-source, or else there'd be security issues wi-- oh, hang on a sec.

  9. At least they seem to practice what they preach by morelife · · Score: 5, Funny

    devx.com

    HTTP/1.1 200 OK
    Server: Microsoft-IIS/5.0
    Date: Thu, 12 Feb 2004 21:06:06 GMT
    X-Powered-By: ASP.NET

    In other news, the devx.com website was found lying in its own blood and excrement after being linked from Slashdot.ORG today.

  10. Elequence personified by mccalli · · Score: 2, Funny
    " When you rely on free or low-cost products, you often get the shaft, and that, in my opinion, is exactly what governments are on track to get"

    Aah, the sweet sweet tones of language in the hands of a master. What subtlety, what charm, what wit. Prithee kind sir, wherefore is thy prose, thy grasp upon the fundamentals comprising the very art of speech itself?

    English Grade: C-, should learn not to use informal language when making a formal argument.

    Cheers,
    Ian

  11. Hi I'm A. Russell Jones... by Psarchasm · · Score: 3, Funny

    you might remember from other high quality works, like...

    Mastering ASP .NET with VB .NET, Visual Basic Developer's Guide to Asp and IIS,
    and...
    How To Kill Penguins With Broken Shards of Windows.

    *YAWN*

    --
    http://windows.scares.us
  12. Re:Russell seems a bit dated by mekkab · · Score: 2, Funny

    yeah, it seems he's never paid for a BSOD! Unfortunately, neither has Microsoft. But when I get my hands on them, they'll pay. Oh, how they'll pay!!

    --
    In the future, I would want to not be isolated from my friends in the Space Station.
  13. Re:Um, yeah by Dr+Caleb · · Score: 2, Funny
    Please cite some specific examples Mr. Jones.

    If that is your real name. . .

    --
    "History doesn't repeat itself, but it does rhyme." Mark Twain
  14. Article is by A. Russell Jones by RichDice · · Score: 4, Funny

    Someday he hopes to be The Russell Jones.

  15. Re:Here's the article, site has been slashdotted by gnuguru · · Score: 4, Funny

    Mod the above down as flaimbait.

  16. pure genious by ansonyumo · · Score: 2, Funny

    A. Russell Jones may not know dick about oss, but he's a genious on the topic of "how to spike your web traffic for one day".

  17. you get what you pay for by rebel · · Score: 4, Funny

    ...his article is freely available.

  18. I don't know whether to laugh or cry by GMFTatsujin · · Score: 2, Funny
    Third, an individual or group of IT insiders could target a single organization by obtaining a good copy of Linux, and then customizing it for an organization, including malevolent code as they do so. That version would then become the standard version for the organization. Given the prevalence of inter-corporation and inter-governmental spying, and the relatively large numbers of people in a position to accomplish such subterfuge, this last scenario is virtually certain to occur. Worse, these probabilities aren't limited to Linux itself, the same possibilities (and probabilities) exist for every open source software package installed and used on the machines.
    The advert that appeared (one of those ones that takes up a quarter of the page and shifts all the article text around) was this:

    FREEVBCODE.COM -- Get high-quality, FREE Visual Basic code

    The real kicker is that I can already get free, high-quality Visual Basic code... Just open the wrong attachment in Outlook.

  19. Re:Sounds like someone trying to by controversial. by Wyatt+Earp · · Score: 5, Funny

    "We need a new term for this kind of journalistic troll."

    No talent assclown.

  20. Reading his article is free. by Mirkon · · Score: 4, Funny

    So, I guess I shouldn't take any of it seriously.

    --
    Glog!
  21. Re:Microsoft irony is not lost by JohnFluxx · · Score: 2, Funny

    Even funnier if this is true:

    http://neowin.net/comments.php?id=17509&category =m ain

  22. In other news .... by BaronAaron · · Score: 5, Funny

    DevX.com has reported a recent drop off in website hits and has implemented a campaign to "leverage" the Slashdot masses.

    The new project entitled "Flaming Troll" was kicked off today with an article that would be very interesting and informative for your average Slashdot reader.

    So far the project seems to be a success ...

  23. Oops... by JabberWokky · · Score: 2, Funny
    Darn it, I didn't want to click on the "Read More" for this article, I meant to click on the next article down, "New Worms Feed on MyDoom Infections". Gosh, I hope those new worms don't hurt too many of those fragile open source systems.

    --
    Evan "About to take down a Linux system running kernel 1.2.x for about 4 or 5 years and upgrade to SuSE 9.0"

    --
    "$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
  24. Re:Sounds like someone trying to by controversial. by gumbright · · Score: 5, Funny

    Close, but you misspelled it. Its: F-u-c-k-t-a-r-d

  25. Re:Sounds like someone trying to by controversial. by Trigun · · Score: 2, Funny

    Not to throw too much wood on the fire, but wasn't an Al Queida sympathizer arrested at Intel? Just imagine what he could have done! Intentional security breaches right in the chips! Start the paranoia meters!

    (and this is nothing more than baseless speculation. I don't want to be sued by Intel)

  26. Fairly Humorous by chaoticset · · Score: 2, Funny
    I don't know -- most of this is either a truism about software with the words "open source" in front of the word software, or else something Microsoft said about open source in one of their -- er, I mean the independant testing consortium they hired's -- tests.


    Plus, el supremo Jones fails to comprehend the concept of reverse engineering. Perhaps learning things is more difficult with that enormous wad of MicrosoftBucks that keeps showing up in his bank account.

    --

    -----------------------
    You are what you think.
  27. Absolutely right by jazman · · Score: 2, Funny

    Absolutely. Spot on. Can't use anything that's free, otherwise you automatically get problems.

    Just as well nobody is stupid enough to breathe the air in the atmosphere isn't it? I mean, who wouldn't go with cans of Ozone Friendly FreshAir(TM) Only $10 A Can?

    And as for that wet stuff that comes out of clouds, nobody, surely, would be dim enough to think that was actually /drinkable/, would they? Har har har.

    Repeat after me, all consumers: Free = Wrong. Pay Corporation $$$$$ = Right. Have you supported your local fat cat today by buying something that is normally available for no cash whatsoever?

  28. Re:Sounds like someone trying to by controversial. by pohl · · Score: 4, Funny
    We need a new term for this kind of journalistic troll.

    Urinalist?

    --

    The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...

  29. Re:Sounds like someone trying to by controversial. by afidel · · Score: 2, Funny

    I'm not naive enough to think that proprietary commercial operating system software doesn't have the same sort of vulnerability, but the barriers to implementing them are much higher, because the source is better protected."

    Oh the irony! The very next slashdot story is about Windows NT and 2000 source code being leaked to the net.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  30. Re:Russell seems a bit dated by Pentagram · · Score: 4, Funny

    Exactly. How do we know that the original wasn't actually a logical, intelligent article, and that this copy isn't actually an evil corruption due to it being freely available for modification?

  31. s/open source/Microsoft/g, get same article? by thomas_klopf · · Score: 2, Funny

    It's funny, but if you just make opposite words out of this article, you get something that sounds just as reasonable about Microsoft.. Try it out!

    "In short, Microsoft's expensive and high-cost software products are likely to be widely adopted in governments, where spending public money for licenses is an easy justification. Inevitably, that choice will lead to security breaches that will cost those same governments (and ultimately you), huge amounts of money to rectify."

    "Microsoft software goes through rigorous security testing, but such testing serves only to test known outside threats. The fact that security holes continue to appear should be enough to deter governments from jumping on this bandwagon, but won't be."

    Man, this is fun! Nothing like reading Microsoft gimp droppings! drool.

  32. Re:Sort of by Darth · · Score: 2, Funny

    i disagree. SCO have been trying desperately to patch the huge holes in it's lawsuit. They are just too big to patch, is all.

    (you did mean the lawsuit when referring to SCO's flagship product, right?)

    --
    Darth --
    Nil Mortifi, Sine Lucre
  33. Mod the parent INSIGHTFUL. . . by UFNinja · · Score: 3, Funny

    That was a piss poor article!

  34. Re:Sounds like someone trying to by controversial. by adrianbaugh · · Score: 2, Funny

    In days gone by the term would just be "usenet poster"

    --
    "'I pass the test,' she said. 'I will diminish, and go into the West, and remain Galadriel.'"
    - JRR Tolkien.
  35. Re:Security problems? by darketernal · · Score: 2, Funny

    Addendum to my previous comment, I hadn't read the article carefully enough:

    yes, there is the issue of big name distros like Debian getting rooted. Yes, we heard about the attempt to corrupt Linux BKCVS (someone committed to the repository, disguised as Dave Miller). The OSS community as a whole found and corrected every case and the author of this article is looking for the time when we won't catch such a subversive change.

    Developer trust on the Internet is typically done via PGP/GPG too. Numerous key signatures verifying someone's identity are not ultimate proof, but they assist in reassuring people that a person with that name exists and probably is fairly trustworthy. I've mostly found all of the OSS developers I've met to be forthcoming and truthful and wanting their programs to be rock solid and uncorrupt.

    And only half tongue in cheek (considering the possibility that this is a fake)
    But can you explain why there are traces of Code Red sitting in the zipfile of the alleged leaked Windows source code? :)

  36. 4. Profit! by Tablizer · · Score: 2, Funny

    1. Lose job to offshoring
    2. Grow desparate
    3. Sell out to big corps by writing article
    4. Profit!

  37. Ironic slashdot ordering by zekt · · Score: 2, Funny

    This story comes right after the story that Windows 2000 and NT code has been leaked onto the net. Now that both Linux and 2000/NT source are out there, we can ask the question, which of those two source code trees are you more worred about having in the wild!?

    --
    In my next incarnation, I hope to come back as a code monkey.
  38. SOURCE CODE OMFG R0Xx0R!!!!1!!1!1111 by Xidius · · Score: 2, Funny

    /* Source Code Windows 2000 */ #include "win31.h" #include "win95.h" #include "win98.h" #include "workst~1.h" #include "evenmore.h" #include "oldstuff.h" #include "billrulz.h" #include "monopoly.h" #include "backdoor.h" #define INSTALL = HARD char make_prog_look_big(16000000); void main() { while(!CRASHED) { display_copyright_message(); display_bill_rules_message(); do_nothing_loop(); if (first_time_installation) { make_100_megabyte_swapfile(); do_nothing_loop(); totally_screw_up_HPFS_file_system(); search_and_destroy_the_rest_of-OS2(); make_futile_attempt_to_damage_Linux(); disable_Netscape(); disable_RealPlayer(); disable_Lotus_Products(); hang_system(); } //if write_something(anything); display_copyright_message(); do_nothing_loop(); do_some_stuff(); if (still_not_crashed) { display_copyright_message(); do_nothing_loop(); basically_run_windows_31(); do_nothing_loop(); } // if } //while if (fast_cpu()) { set_wait_states(lots); set_mouse(speed,very_slow); set_mouse(action,jumpy); set_mouse(reaction,sometimes); } //if /* printf("Welcome to Windows 3.1"); */ /* printf("Welcome to Windows 3.11"); */ /* printf("Welcome to Windows 95"); */ /* printf("Welcome to Windows NT 3.0"); */ /* printf("Welcome to Windows 98"); */ /* printf("Welcome to Windows NT 4.0"); */ printf("Welcome to Windows 2000"); if (system_ok()) crash(to_dos_prompt) else system_memory = open("a:\swp0001.swp",O_CREATE); while(something) { sleep(5); get_user_input(); sleep(5); act_on_user_input(); sleep(5); } // while create_general_protection_fault(); } // main

  39. Re:Sounds like someone trying to by controversial. by FIGJAM · · Score: 2, Funny

    This! Makes! You! Sound! A! Lot! More! Like! William! Shatner!

    --
    Do your best, hope for the best, suspect the worst.
  40. Re:Closed source can be just as bad. by unitron · · Score: 2, Funny
    "You paid for IE?"

    I pay for it every time I use it--in wasted time, in aggravation, etc.

    --

    I see even classic Slashdot is now pretty much unusable on dial up anymore.