[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fsfe-uk] OSS Pol. v2 and other stuff

From: graham
Subject: Re: [Fsfe-uk] OSS Pol. v2 and other stuff
Date: Fri, 10 Sep 2004 14:42:09 +0100
User-agent: Mozilla Thunderbird 0.7.3 (X11/20040814)

Dinis Cruz wrote:

That said, I would add that the inherent Security features of an Open Source
application (the fact that one can look at the source code and modify it if
required) is (in my view) a very good short term strategy to get
Governments, Organizations and Companies to pay attention and move to Open
Source products.

The current 'black box' software world that most of us live in (the
proprietary model where we don't know what is inside the software that we
install) is not sustainable in the medium-term (for example what do you
think would happen if WinZip was a Trojan? (i.e. it contained security
vulnerabilities that allowed malicious users to gain control over any
computer that had WinZip installed?))

I agree with Open Source's Freedom and Ethics and I'm very proud to be able
to participate in it, BUT until companies and governments are Free and
Ethic, the best approach (IMO) is to work on practical and focused
For example defending the Open Source's:

  - Quality
  - Innovation
  - Help to the local economy (by creating a local vibrant community of
developers and support/consulting companies)
  - Security (Note that I am not saying that ALL Open Source software is
Secure. I am saying that with at least open source it ITS security can be
independently checked and validated by independent 3rd parties, and that is
why most Open Source software tends to be quite secure)

In this context, I would include most of these features under Ethics (subsection: duties and responsibilities of the state to its citizens). The duty of the state to ensure that data about the public it holds can't be copied, mangled, deleted, distorted or otherwise abused without due process. The duty of the state to ensure that the public can check up on processes used by the state to count votes, calculate taxes, etc.


Dinis Cruz
.Net Security Consultant

reply via email to

[Prev in Thread] Current Thread [Next in Thread]