[TriLUG] Can open source solutions be viable companies?

Vestal, Roy L. rvestal at rti.org
Fri Jun 28 14:55:59 EDT 2002


Tanner, I've made this arguement to them. They are starting to understand
that.  Some folks have been entrenched so long in "closed source means safe"
mindset so long, they honestly believe that folks in the *nix community (not
just Linux) are "hackers" that want to destroy stuff. It's unreal.
Thankfully I have folks like the PhD that I spoke about earlier that believe
the same we do. He just needs "ammo for his gun".  He has been into Linux
and used it to build one of the largest endocrinology db's in the world.
Believe me, he understands. He's glad there's someone here that agrees with
him.

My bosses trusts me and my knowledge. They know that I won't present them
with something that's crap. I've already shown them that.

I'm just happy that they want alternatives to the status quo. And they have
announced that they are looking into Linux as a possible desktop
alternative, not as a replacement, but as an alternative to what we
currently use.

On Fri, 2002-06-28 at 14:32, Vestal, Roy L. wrote:
> The "catch"
> is the old fight we all have to fight: "Open source is not as secure as
> closed source becaus everyone has it". Same Argument Different Day (SADD).

Roy, this isn't to you because I believe you know better, but that
argument is pure horseshit.  In fact, I will contend that open source
software can be more secure precisely because everyone has it.

Tell your bosses to take a look at the stuff Bruce Schneir says 
about secure systems.  True security doesn't depend on the 
process (or operating system) being closed off.  True security 
abstracts what needs to be kept secret into a very small package.
By doing this you make it much easier to keep secure because you
have much less to worry about.  In the case of linux, everyone
having it actually makes it more secure because you've got that
many more people looking for bugs to fix.  The chances that the
person who finds the bug will be a "good guy" (tm) is that much
greater.  In addition, he can alert the proper people to make
sure the bug gets fixed.  This doesn't happen in the MS world
because, even if you do report a bug to MS, there isn't an
incentive to fix it.  They would much rather bury the story
and provide a fix "someday" in some obtuse service pack.

So, anyone who says Open Source is less secure should back
away from kissing MS's behind and take a look at the world
around them.  The facts just do *not* support their position.

Tanner
-- 
Tanner Lovelace | lovelace at wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
Don't move! Or I'll fill ya full of... little yellow bolts of light! 
                                Commander John Crichton (Farscape)

_______________________________________________
TriLUG mailing list
    http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ:
    http://www.trilug.org/~lovelace/faq/TriLUG-faq.html



More information about the TriLUG mailing list