Slashdot Mirror


Is Open Source Fertile Ground for Foul Play?

jsrjsr writes "In an article on DevX.com entitled Open Source Is Fertile Ground for Foul Play, W. Russell Jones argues that open source software is bad stuff. He argues that open source software, because of its very openness, will inevitably lead to security concerns. He says that this makes adoption of open source software by governments particularly worrisome. In his words: 'An old adage that governments would be well-served to heed is: You get what you pay for. When you rely on free or low-cost products, you often get the shaft, and that, in my opinion, is exactly what governments are on track to get.'"

4 of 723 comments

  1. Take action by Strudleman · · Score: 5, Informative

    All these great replies, these reasons why Russell is wrong, will never be read by the public because they're stuck in /.

    Take a cue from devX: "Editor's Note: DevX is pleased to consider rebuttals and related commentaries in response to any published opinion. Publication is considered on a case-by-case basis. Please email the editor at lpiquet@devx.com for more information."

    --
    Do it doug.
  2. Impartiality by gowen · · Score: 5, Informative

    I believe every word of this article because A Russell Jones certainly has no vested interest in Microsoft based web solutions.

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  3. Re:figures... by 8282now · · Score: 5, Informative

    In addition, it looks like this fellow's got a seriously vested interest in the spread of MS's closed source products.

    http://www.amazon.com/exec/obidos/search-handle-url/index=books&field-author=A.%20Russell%20Jones/103-4406437-9264652

  4. Re:Sounds like someone trying to be controversial. by SvendTofte · · Score: 5, Informative

    Email the author. I just did, rebutting two of his "points". rjones@devx.com

    Hey Russell,

    Just two obvious points of rebuttal.

    1. Your question:

    Who's Watching the Watchers?

    Makes a cold chill run down my spine when I think of closed source
    software. In fact, many of your statements, such as the rogue coder,
    hold just as true for CSS. The difference? You (as a consumer)
    cannot see the code. An atmosphere which breeds closedness and
    non-disclosure of hacker attacks is far more scary than one (such
    as Debian) which openly announces that it has been hacked. Imagine
    a hacker gaining access to Microsoft code. Imagine MS catching him,
    and removing the malicious code. But ... did they get it all? Only
    the hacker will ever know.

    Your statement that "core" members will port the code just doesn't
    make sense. Assuming we're not into the old chicken and egg problem
    with the bootstrapping compiler, an Open Source project is defined
    as having the source open. If you compile a program, and it ends up
    different than the one you downloaded, then something is very
    wrong indeed.

    2. In academia and security circles, full disclosure, to be able to
    repeat trials and be able to uncover weaknesses in software, is the
    norm. Hiding behind binary code does not a very powerful brick wall
    make. Hiding behind a well-thought-out design, which is not open to
    attacks (confirmed by peer review) and relies on algorithmic
    defences, makes a strong brick wall.

    I am sorry, but all in all, a very poor article.

    Regards,
    Svend