[linux-elitists] Dateline April 12, 2001 Microsoft: Closed source is more secure

Aaron Sherman ajs@ajs.com
Wed Aug 15 09:00:33 PDT 2001


On Wed, Aug 15, 2001 at 01:28:08AM -0700, Karsten M. Self wrote:
> ...and in the perspective of SirCam and CodeRed....
> 
[...]
> http://www.securityfocus.com/news/191

[...]

> "Review is boring and time consuming, and it's hard," said Steve Lipner,
> manager of Microsoft's security response center. "Simply putting the
> source code out there and telling folks 'here it is' doesn't provide any
> assurance or degree of likelihood that the review will occur."

When you speak to people about Microsoft and their Open Source campaign,
you have to make it very clear that this is all reactionary.

When it became clear that open source was going to be a media buzzword,
MS said that they didn't think anyone would ever do their best work for
something that didn't pay (sic).

Then, when the government made its own version of Linux, they said
that the Government should not be allowed to work on open source
projects.

Now that they are taking a beating for security problems, and the
compteition (open source of course) is looking good, they launch
this offensive.

MS will continue to say "them bad, us good" as long as they can, but
the bottom line is that when you point to wu-ftpd security bugs, you're
pointing to the results of what they say, above, no one will want to
spend time doing. Ditto bind (and that review process is VERY well
funded).

The security reviews that the Linux kernel have been undergoing
recently are extensive.

This is FUD of the lowest order, but they HAVE to stoop to it because
they're desperate. To this I can only say one thing:

Good work everyone!

-- 
Aaron Sherman
ajs@ajs.com		finger ajskey@b5.ajs.com for GPG info. Fingerprint:
www.ajs.com/~ajs	6DC1 F67A B9FB 2FBA D04C  619E FC35 5713 2676 CEAF
  "I've committed many sins. Have I dispelased you, you feckless thug?"
   -President Bartlet, ``The West Wing''



More information about the linux-elitists mailing list