Microsoft Windows Source Leak Could Improve Security?

Dave Winer says: "Everyone's so worried about the Microsoft source leak. 'It could open new security holes!' they say. But check this out, the source for Linux, a popular Microsoft competitor, has always been available, and this is promoted by its advocates saying it makes Linux more secure, not less."

That's true, but Windows wasn't written to be open source. So there could be (and probably are) errors that are hidden because no one outside of Microsoft and its partners has seen the code. If security holes are being discovered regularly without the code, imagine how much easier it will be with it.

There's a whole class of developers that try to hack/break Windows just for the sheer challenge of it. The NY Times found that out when they interviewed virus writers recently. Would these guys turn into white hats to improve Windows security? Maybe some would, but others would still like the "coolness" of creating a virus and seeing it wreak havoc. It's fun for them.

So sure, in the long run Windows could be more secure if the source was open. Let's say they released all of the Windows 2000 code under the GPL today. In the next few years we'd see more security exploits while all of the bugs were found by curious hackers. The nice ones would notify Microsoft and the evil ones would write damaging viruses for all of us to enjoy. The problems would eventually be fixed but it would be an incredibly painful period for Windows.

That's why Windows can never be open source even if they wanted it to be. There are just not enough Windows developer eyeballs at Microsoft to compete with all of the malicious hackers out there. Heck, Windows is closed source right now and they can't respond quickly (see "Microsoft Sits on Security Flaw for Six Months" and "200 days to fix a broken Windows").

Bottom line: security by obscurity doesn't work very well. The Linux crowd has been preaching that for years. As soon as the code is released or leaked you have a major problem on your hands. The cat gets out of the bag and never returns.

Update 4:21am: CNN reports that the leaked code is full of profanities. Does this surprise anyone in the software world? Not really. To outsiders, though, it might be publicly embarrassing to Microsoft.

Posted at February 14, 2004 at 02:29 AM EST
Last updated February 14, 2004 at 02:29 AM EST
Comments

If I had some Microsoft shares I'd get rid of them very fast (at least until we see how all this plays out).

» Posted by: Aleks at February 14, 2004 08:52 PM