[linux-elitists] rambleling about windows source code

Ben Woodard woodard@redhat.com
Thu Feb 12 18:28:06 PST 2004


You know. I've been thinking release may have the positive side effect
of finally settling the debate whether the philosophy of closed source 
is more secure than open source code for those who for some reason
haven't been convinced yet.

Security by obscurity can only work as long as you maintain obscurity. 
Now that the obscurity of the windows source code has been broken, it
will be interesting to see how the security fares. If there is a
security incident that can be traced back to hackers having the Windows
source code, then it will further erode people's confidence in the
notion of Windows' security. Even if the it can't be traced back to the
source code being released, then there will always be the suspicion that
the it was the root cause.

I've been sort of wondering to myself all day if quite ironically, this
will force Microsoft to release more of their source code. I expect that
security people will be much more paranoid about Windows now and there
will probably be a bunch of new exploits. Having, clearly demonstrated
that security by obscurity doesn't work and that the only way to really
make a secure system is to let large numbers of people vet the source
code for potential problems. The only way to assuage people's fear is to
make it less burdensome to for people to review their work. Evidently,
the shared source license has been a failure and the license has been
too onerous. So in a weird sort of way, I could see them being forced to
have a more open model.

It sort of reminds me of that old quote: Those who do not understand
Unix are condemned to reinvent it, poorly. -- Henry Spencer

It would not surprise me if after a substantial amount of time, the gulf
between Microsoft's way of doing things and Linux's slowly diminishes.

Time will tell but I think that this is a watershed moment or at least a
point of inflection. I feel glad and I feel like I'm on the winning
side. With both this and the SCO thing, I have quite honestly discovered
that one of the flaws in my character is I really do like watching as my
adversaries get the screws put to them. I think that SCO will be ground
into dust by IBM but I think that Microsoft is too big and too smart for
that fate. I think that we are already seeing that their absolute
monarchy is coming to an end but I think that they will survive a shell
of what they once were. (I love watching them have to give huge price
discounts or other concessions just to stay in the consideration
process.) But most importantly as they fall, many of those in their
orbit who have been parroting the reasons for their practices will be
forced to reevaluate their position. I think that forcing the ring
leader Microsoft to do something else, will slowly change the whole
industry.

-ben




More information about the linux-elitists mailing list