Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

White House Now Runs on Linux
NewsFactor Network ^ | July 25, 2003 | James Maguire

Posted on 07/25/2003 7:16:17 PM PDT by HAL9000

click here to read article


Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140 ... 161-174 next last
To: Golden Eagle
Actually, UNIX (all flavors, including Linux and *BSD) holds the largest footprint (65%) whereas Microsoft holds around 25%

While your figures are debatable, you still improperly grouped all *NIX products together, which is a false anology simply because not all virus for some *NIX products affect other *NIX products at all.

It's not misleading at all. You claimed that Microsoft had the largest footprint. THAT was a very misleading claim. I showed that it was untrue...then you pull this red herring? Please.

This is a perfect example of the disengenuous arguments you people constantly make.

Pot -> Kettle -> Black

Once again, more proof that Windows closed-source "security" is just a disaster waiting to happen.

Your defense of Chineese hackers is sickening.

It's no defense of the hackers; it's a pure condemnation of the B.S. "security" that you claim Microsoft possesses. THAT is what is truly sickening.

-Jay

101 posted on 07/26/2003 1:26:21 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 98 | View Replies]

To: PatrioticAmerican
Good to hear from you, great callsign by the way.

Yes, success by some leads to jelousy by others, and these worthless punks despise M$ because they continue to charge a reasonable for their products despite having $50 billion in the bank. If there was something better available at a fair or even lower price, we wouldn't have this problem. But IMO Linux is a cheap sellout to the communist organizations like FSF and GNU.
102 posted on 07/26/2003 1:28:25 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 99 | View Replies]

To: Jay D. Dyson
Ygg6Q5YeCckSuMRwAzF2QiBDfLA7/F9UImEzkzE/JdDLhOgUYhu9HZlt+SXWKzym RqEgBIGXJIv/DSZ9l9jXMFKvuQS3HZUG2luegjowyIZAg88B0gRjf3wwSlm4MCAX W0253wgPW+EW5Yg3ErvY+jr6DcWBGZ9avc2oDLncu7fqfrZcC/mqY1JnEK+5b9E7

You call that clever? I call it disingenuous, like everything you people say.

http://dictionary.reference.com/search?q=disingenuous

103 posted on 07/26/2003 1:31:26 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 100 | View Replies]

To: grunt03
...and have never used a debugger or disassembler.

Sadly, thanks to the abomination known as the Digital Millennium Copyright Act (DMCA), use of those tools has been either marginalized or criminalized.

Just like the gun-control laws, the DMCA serves only to disarm the law-abiding while leaving the criminal element in a better position.

-Jay

104 posted on 07/26/2003 1:33:31 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 73 | View Replies]

To: Jay D. Dyson
It's no defense of the hackers...

It very well most certainly was, and it very well most certainly was sickening.

You people are SOOO consumed by your hatred of M$ you can't even make any honest arguments, AT ALL.

Hatred is an evil thing, I pray for it to one day be removed from this world.

105 posted on 07/26/2003 1:34:21 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 101 | View Replies]

To: Golden Eagle
You call that clever? I call it disingenuous, like everything you people say.

I'm disingenous? Excuse me, but you have been claiming all along that open source products are insecure because the bad guys can see their inner workings. As proof of my confidence in open source, I encrypted the data you requested with nothing but open source products.

According to your incessant and irrational claims, that data should be easy pickings.

Bottom line: I took your claims and have put them to the ultimate test. And I have no worries. On the flip side, this demonstration has clearly shown that your argument is deeply flawed and I have proven you wrong. If you can't face that simple fact, that's your problem, not mine.

-Jay

106 posted on 07/26/2003 1:36:46 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 103 | View Replies]

To: Golden Eagle
Your defense of Chineese hackers is sickening.

It's no defense of the hackers; it's a pure condemnation of the B.S. "security" that you claim Microsoft possesses. THAT is what is truly sickening.

It very well most certainly was

Nonsense. Please stop trying to bolster your opinion as fact (which it is not). The fact of the matter is that some joker overseas has (once again) clearly demonstrated that the closed source approach which you vehemently claim is "secure" actually possesses no security at all.

And as I said before, that is what is truly sickening. If you can't live with that, that's your problem.

You people are SOOO consumed by your hatred of M$ you can't even make any honest arguments, AT ALL.

Hah! If there's any lack of honest argument in this equation, it's your red herrings and strawman arguments in which you claim that Microsoft has the largest footprint (it doesn't) and that closed source is more secure (it isn't). And when called on the carpet for these fallacies, you resort to ad hominem attack.

This sort of thing I expect on DU, not Free Republic.

-Jay

107 posted on 07/26/2003 1:40:44 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 105 | View Replies]

To: Jay D. Dyson
As proof of my confidence in open source, I encrypted the data...

Hardly an equivalent demonstration to the absolute core original source code of your personal information.

Post it for all to see, if security by obscurity doesn't work.

108 posted on 07/26/2003 1:41:02 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 106 | View Replies]

To: Jay D. Dyson
The fact of the matter is that some joker overseas has (once again) clearly demonstrated that the closed source approach which you vehemently claim is "secure" actually possesses no security at all.

LOL @ your insane deduction! They "open sourced" a new worm, proving not only do many attempted hacks come from overseas or M$ haters, they are often created by open source groups, which this one is (no code for sale).

109 posted on 07/26/2003 1:45:56 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 107 | View Replies]

To: Golden Eagle
As proof of my confidence in open source, I encrypted the data...

Hardly an equivalent demonstration to the absolute core original source code of your personal information.

It is a valid demonstration. And as further proof that your claim is without legs, here's all the details required to acquire the data:

According to your argument, since I spelled out the entirety of my security systems (including which version I used), and since the bad guys can readily acquire and review the inner workings of everything I used, they should be able to crack this data posthaste.

My demonstration utilized absolutely NO "security through obscurity." Everything I used is Open Source, so there is NO "security through obscurity" in play.

So, like it or not, your house-of-cards argument on the risks of open source has crashed to the ground under the weight of these facts. Even you have essentially admitted that the data is secure.

Sure, you can continue arguing otherwise...but such conduct on your part would be (as you are wont to say) disingenuous. In fact, such would prove to be intellectually dishonest on your part...in the extreme.

-Jay

110 posted on 07/26/2003 1:56:16 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 108 | View Replies]

To: Golden Eagle
Son.

The debate is misidentified as "open source is more secure than closed source." It should be, "open review is more secure than closed review."

Closed source could be just as secure-- if it were constantly scrutinized by tens of thousands of eyes over its lifetime, as open source is afforded through the process of open review. Sadly, that is not viable to closed source. Open review of closed source is logically not possible, and most shops could not literally afford so many eyes to perform an in-house review. Not to mention that few people would ever be granted access to the entire code base, for the well-placed fear of losing the code to a rogue agent.

To aggravate matters, closed source almost always drives a commercial engine, one that must worry about the bottom dollar, one that cannot linger on the unfinished 5% of the project, the 5% that would consume 95% of the project's costs. The dollar eventually kicks in and demands work be completed or curtailed. All software projects follow a rule of diminishing returns. Open source has the advantage of hundreds or thousands of developers, far more than would be assigned to a similar sized project if any expected a paycheck, all entering the project at different stages of its lifetime, and for different reasons. There is a great deal of overlap, but labor of review is distributed far wider than even Microsoft could afford. And often this is done not on the clock but rather for the love of programming.

Slightly off-topic, what do you say about our closed source jobs being handed over to India and China? How do we know some red Chinaman hasn't cunningly inserted a backdoor deliberately engineered into some complex set of conditions, something unlikely to be seen the first several hundred times reviewed? Open review, with hundreds or thousands of eyes, would be more likely to catch such a deception.

111 posted on 07/26/2003 1:58:57 AM PDT by John Robinson
[ Post Reply | Private Reply | To 81 | View Replies]

To: Jay D. Dyson
LOL at your ridiculous 'demonstration'. In case you didn't know, "encrypted data" is NOT equivalent to "freely available text or code"'. Once it's encrypted, due to the randomness of the key generation, without your key it's useless.

Again your arguments are completely disingenuous, which is the only way you know how to argue. Too bad you can never win an argument with a knowledgeable debator that way.

112 posted on 07/26/2003 2:02:30 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 110 | View Replies]

To: Golden Eagle
The fact of the matter is that some joker overseas has (once again) clearly demonstrated that the closed source approach which you vehemently claim is "secure" actually possesses no security at all.

LOL @ your insane deduction!

What's truly insane here is your claiming that Microsoft's closed source OS is "more secure" because it's closed source when the facts demonstrate time and again that such is not the case.

They "open sourced" a new worm, proving not only do many attempted hacks come from overseas or M$ haters, they are often created by open source groups

I'm sorry, but you are either ignorant or dishonest. First off, the vast majority of security-related discoveries occur in the United States.

Secondly, many of the MS-related discoveries are made by people who are die-hard MS users (eEye Digital Security being one).

Third, the claim that these cracks are developed by "open source groups" is pure bulls---. Judging from your overall ignorance of open source and how it relates to security, I doubt you'd know what an "open source group" is if it bit you on the butt.

which this one is (no code for sale).

Hate to break this to you, but you don't know the first thing about the Gnu Public License or what the Free Software Foundation is about. Moreover, just because source code is given away for free doesn't mean it is on the same playing field as the code within the realm of the GPL or FSF. And finally, you really need to slow down and digest this material 'cause you are doing little more than shooting yourself in the foot.

It was funny to watch at first. Now it's kind of sad.

-Jay

113 posted on 07/26/2003 2:04:41 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 109 | View Replies]

To: Golden Eagle
Most open source is cheap. Look at Mono. Jeez, how many times have I heard that it was good to go or ready for implementation. Hell, it's 20% complete at best and the code SUCKS.
114 posted on 07/26/2003 2:06:05 AM PDT by PatrioticAmerican (Helping Mexicans invade America is TREASON!)
[ Post Reply | Private Reply | To 102 | View Replies]

To: Golden Eagle
LOL at your ridiculous 'demonstration'. In case you didn't know, "encrypted data" is NOT equivalent to "freely available text or code"'. Once it's encrypted, due to the randomness of the key generation, without your key it's useless.

Nonsense. I provided the key.

Now for the purpose of showing what nonsense you're spewing:

  1. You claimed open source was a security risk because its inner workings are exposed to the bad guys.

    I took said open source products and utilized them to provide the data you insisted I provide.

  2. You then claimed that the use of said products was "security through obscurity."

    I pointed out that such was not the case as I had clearly spelled out everything that was used to generate the output; thus demonstrating there was no "obscurity" involved.

  3. You then claimed that said output was not the equivalent of the code.

    This is a red herring. I never claimed it was. I did, however, claim and demonstrate that use of open source did not in any way jeopardize that data.

Come now, this is logic that even a college sophomore can follow. I think this whole thing has devolved into your stubborn refusal to face the fact that your insistence on closed source being more "secure" is nothing more than a wishful fantasy propped up by God knows what.

Bottom line: I have shown my full and unqualified faith in the genuine security of open source by entrusting my most sensitive data to its care. That's far more than I'll ever do with the closed source insanity you advocate.

-Jay

115 posted on 07/26/2003 2:13:35 AM PDT by Jay D. Dyson (Threaten me? That's life. Threaten my loved ones? That's death.)
[ Post Reply | Private Reply | To 112 | View Replies]

To: Golden Eagle
Obviously some secrets must be kept to secure data. But you cannot confuse a secret, such as a password, which is static, with a mechanism, such as an encryption algorithm, which is dynamic. You cannot exploit a static secret, it simply exists. On the other hand, you can exploit a dynamic mechanism, even a hidden one. You can input data and you can observe output from which you can possibly derive the mechanism. Not to mention, compiled code is in no way hiding a mechanism. A determined individual can easily reverse engineer any algorithm, as exemplified by a plethora of software cracks.
116 posted on 07/26/2003 2:17:39 AM PDT by John Robinson
[ Post Reply | Private Reply | To 108 | View Replies]

To: John Robinson
Mr. Robinson,

Thanks for your reply, although I am not the age of a boy as greeting in your post seems to indicate. I have been deeply involved in computer systems for over 20 years, and graduated as an EE at the top of my class, even serving as chairman of our IEEE branch my senior year. I now provide overall configuration management of a large scale network consisting of thousands of systems, which were originally various flavors of UNIX and VMS, which slowly migrated towards PCs through the use of Pathworks and NetWare, and eventually reaching our current end state of UNIX and Windows. My home experiences include multiple Tandy and Apple computers, as well as IBM type PC's. I have been very polite in my responses to you and respectfully request the same.

In your response, you didn't seem to address the question I originally posed about how your model in any way assures there are more "good" people than "bad" people looking over your totally exposed code. This relationship is extremely important, especially as the code size begins to grow in size and evolve in complexity, and if you ever exceed a critical mass point of more holes being found than your volunteer force can support, you theoretically will never be able to catch up.

Concerning the possibility of unorganized coders from around the world being able to successfully outproduce the best that Microsoft has to offer, all I can offer is my opinion that it doesn't seem to be happening, the Linux operating system still seems rough around the user edges and has few applications to go with it. And as soon as Linux began to demonstrate some full robustness, now we hear claims that the high end capability was likely stolen from UNIX, and not developed by the OSS crowd at all.

Concerning the outsourcing of jobs to China etc, I sincerely doubt those positions are going to be developing core operating system components etc. Many of those positions are actually going to be manufacturing (shrink wrap), disk pressing, and even marketeers needed to start actually regaining some licensing costs from all the Chinese/Indians who are illegally copying their wares. There will certainly be some software engineering going on, but it will very likely be more 'testing' or other mundane roles, not cutting edge micro-kernel upgrade improvements.

Thanks again for your message, and I look forward to discussing any item of your choosing in the future. Goodnight to All.

117 posted on 07/26/2003 2:26:27 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 111 | View Replies]

To: John Robinson
You can input data and you can observe output from which you can possibly derive the mechanism. Not to mention, compiled code is in no way hiding a mechanism. A determined individual can easily reverse engineer any algorithm, as exemplified by a plethora of software cracks.

Certainly, but that is not an effect that OSS protects you from as it has this same native vulnerability. But to freely distribute your complete source code to the entire world is a separate vulnerability all of it's own, and IMO is simply too much trust.

Goodnight.

118 posted on 07/26/2003 2:31:14 AM PDT by Golden Eagle
[ Post Reply | Private Reply | To 116 | View Replies]

To: Golden Eagle
Hehe, "son" was a correction to your #81, where you misidentified me as Jim's brother. I'm Jim's son.

Ratio: The "bad" people in your scenerio are people who keep their findings private for their own exploitation, and that can just as easily happen in the closed source world as well-- we know closed source is frequently milked for its vulnerabilities, all you need is a debugger/disassembler and time. At least with open source, we're capable of stumbling across an undivulged vulnerability even if that is not what we set out to do. If code review is suspended in a closed source project (and there is no economic reason to continue funding it after the product is deemed bug free), it's not very likely an undivulged vulnerability will ever be discovered, not enough people go hunting for those kinds of things in compiled code. So in that sense, its more likely that closed source programs will have a greater percentage of bad guys than a similarly sized open source program.

As for outproducing: there is a mighty difference between user interface programming and core functionality. Microsoft puts a large focus on the user interface side, often letting core functionality slip. Open source, with their many cooks approach, tends to have a more complete core functionality with many useful options, but the hacker mentality often lacks a thoroughly planned user interface. This results in what we've all found, Linux, et al aren't ready for the masses on the desktop, but it sure as hell kicks the pants off Microsoft when it comes to performing some specific task. More so, open source allows afforable software customization, done in-house or contracted, it's much more likely to happen than begging the closed source/shrinkwrap vendor to tweak its product. (Though you're likely to have much more success w/customizations the smaller the closed source company. I've had great success persuading small 2-3 man companies to implement my ideas. Whereas I doubt a human even read my mail sent to some of the larger ones.)

Oh, rough edges? Have you used Microsoft's command line?Rough around the edges is the best you could say for it. Give me a bash prompt and a good terminal program any day. I've gone as far as installing Cygwin (Unix for Windows), bash, sshd, and using SecureCRT to ssh into my Windows XP box, just to avoid that blasted Microsoft command line and its awkward DOS box.

Outsourcing: don't be surprised if in the coming years most software development scurries off to the far corners of the earth. There is no economical reason it will not.

119 posted on 07/26/2003 3:55:31 AM PDT by John Robinson
[ Post Reply | Private Reply | To 117 | View Replies]

To: Golden Eagle
>>>I left the standard cause it didn't work. My Unix/Linux works.
Fairly hard to believe since *NIX is typically considered far more complicated and suited best for techies, while M$ products like Bob that attempt to make life easy are often scoffed at by that very crowd for their simplicity, the 'wizards' for example.


Not sure what your refering to here. I think our posts are falling victim to message board handicap.

My sites didn't work across the board on NT tech. My sites in Unix do.

As for simplicity versus wizards. I'm not a wizard. Just being forced down the road to make my business work.

As for Netcraft research. That provides current info and doesn't show migrational progress. I happen to know of contracts that will be complete over the next 5 years. Those migrations will skew those numbers from Netcraft real fast.
120 posted on 07/26/2003 7:37:29 AM PDT by Calpernia (Runs with scissors.....)
[ Post Reply | Private Reply | To 70 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140 ... 161-174 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson