Re: [hackers-il] Free Software Day 2004
- I did not write this as a real history, this is just an opinion and
points for thinking.
The idea for the great computer failure came from Eric Raymond, I don't
remember the name
of his assay.
Nadav Har'El wrote:
>On Sun, Aug 22, 2004, Shlomi Fish wrote about "Re: [hackers-il] Free Software Day 2004":
>>Nice story, but I don't think I agree with its theme much. The reason there
>>are many security exploits in Microsoft's software and that there were many
>>worms and virii is because security was once not a high priority for
>>Microsoft (because their software run only on a non-interconnected computer
>>or organization LANs), and when it tried to go on the Internet bandwagon, it
>>did not have good coding practices required for secure networked programming.
>I think I agree more with Ori: Microsoft's software is indeed less secure
>than, say, Redhat Linux, but this is NOT the reason why there are so many
>Windows viruses, and why they are so dangerous. In fact, there are Linux
>exploits for which viruses could have been written, and if Linux was more
>popular and user-friendly, "social engineering" attacks (like getting you
>to run a program) will also become more successful.
>But the point is that if a single operating system "rules the world", be it
>Windows or Linux or MacOS, the situation is inherently dangerous because one
>virus could harm most of the computers in the world. This problem is
>increasingly touted, and labled "monoculture" (it can be compared to the
>same problem in crops, which causes disasters like the Irish potato famine).
>Perhaps the most well known document against Microsoft's monoculture is
>http://www.ccianet.org/papers/cyberinsecurity.pdf. It was written by a
>group of computer security experts, including Bruce Schneier most famous
>for his cryptography books.
>>But I agree that with a good software management, open-source can certainly
>I'm not sure how. If it can reduce the number of security holes by 50%,
>say, how does that help? How does having 10 major viruses a year instead
>of 20 really help anything in the big picture?