Re: Sequoia told

From: charlie strauss <cems_at_earthlink_dot_net>
Date: Thu Feb 22 2007 - 16:21:21 CST

>
>On 2/22/07, Richard C. Johnson <dick@iwwco.com> wrote:
>>
>> Sequoia has dug in around the notion that Open Source leads directly to
>> malware through instruction of those inclined to evildoing.
>>
>
>
>Is anyone buying this argument? I mean, you'd have to have never used a
>Windows machine in your whole life to think that open source software was
>the target of malware.
>

It's an excellent argument. Security through obscurity works up to a point. It's unlikely the vendors who are struggling with marketing issues have had enough resources to acid test their software. Till they do, obscurity can buy them time in the race against malware.

Long term, open source offers a route to finding bugs and ruggedizing the software. The question for them is can they afford to have even one critical flaw publicized or worse exploited after they open the source? My guess is that individually the answer is no, it would ruin them even if they could patch the code and thus make it stronger.

I'd suggest that the only way they can escape this vicious circle is by cleansheeting a new beta version that was open source, wait till they were convinced it was secure, then deploy it. Opening the production code could be disastrous.

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Feb 28 23:17:23 2007
