Slashdot Mirror


Openness and Security on Campus

djeaux writes "The April issue of Syllabus includes an interview with Jeff Schiller, Network Manager at MIT, about openness and security in academic computing. Schiller has some interesting things to say about product liability for software, including an out for open source software, and boils security down to a simple maxim: You must install patches. He also says that what makes security hard is that it's a 'negative deliverable.'"

3 of 145 comments

  1. I only agree somewhat with this article. by BlueQuark · · Score: 1, Informative

    I think firewalls, more precisely NATs, have their place in addition to patching your system.

    I think it would be irresponsible of a network/system administrator to NOT keep their systems up to date with the latest patches and fixes, along with using SSH and similar tools.

    But at the same time I believe in having a firewall, though I do agree it will not solve all of your problems.

    I don't believe in just patching your systems. I work at a top west coast university, and the academic computing department's attitude is to make the entire network open, and just secure the boxes. Well, that's nice in fantasy land, but the truth is that this is an administrative nightmare. I work in administrative computing, and we see the result of NOT having a firewall and patching only.

    From experience, that doesn't work either. You need a comprehensive approach that uses both firewalls and patches.

    1. Re:I only agree somewhat with this article. by BlueQuark · · Score: 3, Informative

      Well, I probably should have been more specific in what I wrote. In a hurry to eat lunch, free Chinese food from the Windows server admins.

      I believe in an open academic network for the students, faculty and researchers.

      But for the administrative computing, where I work, which does all the data processing, there is no reason for an open network.

      The funny thing is that the major research projects we have on campus have erected firewalls to protect themselves. And basically have told academic computing to go screw themselves and their patch only policy. And these firewalls are being mandated by the 'personalities' and Nobel laureates that we have here. Actually we have more Nobel laureates than MIT has ;-)

  2. Re:Patches? by sphealey · · Score: 4, Informative

    The canonical example is Windows NT Service Pack 6, which broke Lotus Notes (both server and client). Note (ha ha) that Notes had at that time both the largest market share and by far the largest installed base of any corporate e-mail system. Microsoft denied the problem for about 6 weeks, then suddenly released SP6a with no explanation.

    That's the worst I know of (since it was marked a security release, and since it affected so many sites), but I have certainly run across others.

    And while I agree Microsoft can't test _every_ 3rd party app out there, I do think that given their 96% desktop market share (at that time; closer to 99% today) that they have a responsibility to test the leading apps of the leading functions, whether or not they are Microsoft's. Novell certainly used to do that.

    sPh