| By James Turner |
Article Rating: |
|
| February 15, 2004 12:00 AM EST |
Reads: |
15,798 |
One of the major debates in the Open Source vs Proprietary Software debate has always been which one offers more security against intruders and other malfactors. The traditional wisdom has been that Open Source has the advantage of more eyes on the code, scouring it for vulnerabilities, while proprietary software has the advantage that hackers don't have the ability to look for security holes in the source code itself, since it is closely held.
The revelation this week that source code to major portions of two popular Microsoft operating systems are being passed throughout the Net brings this debate to an end. I, personally, have always suspected that the source code to proprietary OSes would always been available to a buyer with the right amount of money. After all, it just takes one disgruntled worker with a high-capacity USB RAM drive on his keychain to smuggle the goods out of a building. But now that millions of lines of code to Windows NT 4.0 and Windows 2000 are readily available to anyone with a modem, there can be no denial of the brutal truth.
So in light of this new world order of software, what's the new conventional wisdom? Open Source remains as it has always been, an arena where malicious forces are free to search for holes to exploit, while armies of developers busily patch and repair any problems they find. But on the other hand, Microsoft in particular is being called out for walking around naked.
It's the worst of all possible worlds for Microsoft users. They have no abilility to fix problems found in Microsoft operating systems themselves, since only Microsoft can issue patches. On the other hand, the forces of evil now have the ability to look at the actual sources and hand-craft viruses and worms to weasel into Microsoft systems. So now it will be a handful of Microsoft developers against the world.
In fact, it's even worse. Since downloading a copy of the stolen code places you in violation of the Digital Millennium Copyright Act, you can't even look at the source to see how bad the problem might be. Obviously, some Russian Mafia coder will have no such compunctions not to do it. So the guys in the White Hats are still technically left in the dark, while the Black Hats have a whole new resource to exploit.
Considering that in the era before the release of the Windows source code, Microsoft often appeared unable to keep up with the flood of exploits aimed against their operating systems, one can only imagine what the world will be like now their dirty laundry has been exposed to the light of day. Get ready for your twice-daily mandatory security patches, folks.
Subscribe to Linux Email News Alerts
Subscribe via RSS
