Submitted by rich_c on February 14, 2009 - 2:35pm
There’s been a fair bit in the ‘blogosphere’ recently about an apparent increase in businesses associated with Microsoft contacting Open Source using companies to ‘warn’ them of the potential security risks… I agree with the school of thought that this is unlikely to be an organised attack from the Redmond mothership but an increase of individuals trying to prop up their sales by any, including desperate, means. Clearly they are desperate if they’re using security as a reason to migrate from FOSS to proprietary software! Their argument is apparently that as everyone can see the source code, anyone can find an exploit and use it for nefarious purposes. This is a pretty poor argument as clearly if everyone can see the code then it is as likely that an exploit will get fixed. If the only people who can see the code are a relatively few people within an organisation (i.e. proprietary) and those willing to get hold of it by devious means, then on average it’s clear it will get exploited more. Past experience would seem to confirm this… Also interesting is if you search the web for 'computer security tools' almost all of the first results are open source software!
The other issue that’s amused me lately is another crop of spoof warnings being forwarded on. Things like the warning that circulates on Facebook in various different guises that if you accept so-and-so as a friend, they will be able to hack your computer etc. Although this is clearly a pretty preposterous claim, it could conceivably take in someone who isn’t particularly technically aware. (In fact it often fools people who should really know better!) To my mind, it takes but a few seconds to forward on a warning like this. It takes a few more to do a little research with your favourite search engine to confirm if it is genuine or not. The few seconds you use to check the validity of the warning could save your friends from spending any of their time worrying about a non existent risk. Along similar lines is the advice that sometimes get circulated saying that if you are alone and suspect you are suffering from a heart attack, you should start coughing in an attempt to get your heart beating normally again. As far as I know, this has been dismissed by those in the medical profession. Having said that, in those circumstances once you’ve phoned for assistance you might as well start coughing. What have you got to loose?
- rich_c's blog
- Login to post comments
