Posted on 05/31/2002 3:15:28 PM PDT by Bush2000
A conservative U.S. think tank suggests in an upcoming report that open-source software is inherently less secure than proprietary software, and warns governments against relying on it for national security.
The white paper, Opening the Open Source Debate, from the Alexis de Tocqueville Institution (ADTI) will suggest that open source opens the gates to hackers and terrorists.
"Terrorists trying to hack or disrupt U.S. computer networks might find it easier if the federal government attempts to switch to 'open source' as some groups propose," ADTI said in a statement released ahead of the report.
Open-source software is freely available for distribution and modification, as long as the modified software is itself available under open-source terms. The Linux operating system is the best-known example of open source, having become popular in the Web server market because of its stability and low cost.
Many researchers have also suggested that since a large community contributes to and scrutinizes open-source code, security holes are less likely to occur than in proprietary software, and can be caught and fixed more quickly.
The ADTI white paper, to be released next week, will take the opposite line, outlining "how open source might facilitate efforts to disrupt or sabotage electronic commerce, air traffic control or even sensitive surveillance systems," the institute said.
"Computer systems are the backbone to U.S. national security," said ADTI Chairman Gregory Fossedal. "Before the Pentagon and other federal agencies make uninformed decisions to alter the very foundation of computer security, they should study the potential consequences carefully."
I didn't mean it as an 'accusation', I stated an observation.
What I know, you never will. Needless to say, any argument that commercial cryptology is the best is ignorant of defense systems.
true. They are secure, but not "the best", not by a long shot. Besides, the military systems I have used never used only cryptology to ensure security. They also had additional security through the transmission means, contents, etc. I was a DoD space systems specialist for many years, and used some of the most secured systems out there for satellite command & control. PGP, IDEA? I would expect the NSA already has those algorythms in silicon and can crack them at near real-time speed. I do not know that for fact, but that would be the NSA's MO. I have friends who are FBI and they say that the NSA does NOT cooperate with them. Unless the matter is a national security issue, they have to beg and pull strings to get anything so much as looked at. It seems the military feds have a distain for the commercial feds.
Ah, yes, Google, the source of all black projects. HA! Ya kill me. Disinformation is the best cover out there. Google search. Next time I need to know the the contents of China's next satellite, I'll check them out. Hell, maybe I'll check Google to see what information the FBI is keeping on me. Ya gotta be kidding. Google, the next best thing to actually knowing something.
No system, including Windows NT, which was given a B2 level security classification, is closed. Windows NT required a code review. So does all flavors of trusted UNIX.
The idea that the code must be reviewed for backdoors and security holes is correct. The suggestion that the code should be Open Source is not. I do not want my enemies seeing the code that I am running. They may find a hole that I failed to find and plug. Most systems that I have worked on that had any links to the outside world, or outside the fcility, required a code review, and the code was highly modified from the public versions.
This type of "secret" exploit would affect closed source as well, maybe even more. Atleast with open source, there is a lot of code review by the community. Who is reviewing Microsofts code? The FBI? The CIA? The NSA? So, this does not make open source "less" secure than closed source.
For obvious reasons, I don't believe you.
I think you're like those people who surround Brittney Spears telling her, "Don't listen to the critics honey, you've got talent. After all, you've sold so much!"
Such yes-men are a dime a dozen, so I don't doubt MS has thousands of you on the payroll.
Now wait a minute -- twice now, in other threads, you claimed to have been things you weren't, and claimed to have written systems that didn't exist.
Now, in a discussion about security, you claim this?
Uh hunh.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.