Hope this is not too much off topic but it seems relevant: The Office of Government Commerce's report into the viability of using open-source software in the public sector was toned down in its praise of Linux security before release, silicon.com has discovered.
A copy of the report, seen by silicon.com with amendments still visible, shows changes were made to the government's stance on the particular advantages of Linux versus proprietary software when it comes to security. The Office of Government Commerce (OGC) is the Treasury office charged with improving public sector procurement and project management in the UK.
The pre-release version of the report read: "Linux would appear to offer numerous strengths in terms of security." In the final version this became: "There is no definitive answer on the relative security merits of open or closed-source software."
The pre-release version also described the visibility of Linux code as a boon to its security, saying: "The structure of the Linux operating system is regarded as inherently more secure than that of Microsoft Windows... The open-source code can be viewed in its entirety and in the event of a problem the worldwide Linux community can act to resolve any issue with urgency."
The final version, however, is more muted. "While some argue that many eyes lead to fewer security flaws, others argue that those wishing to exploit, or tamper with, open-source code have an easier time than with closed source code," it reads.
http://management.silicon.com/government/0,39024677,39125400,00.htm
Regards
Nick
Hi Nick
There is some grain of truth in both sides of the argument - Closed source, and any potential hacker has to work hard to find the flaws.. Open source, many eyes to spot the bugs.
Regards, Paul...
(off to find the nomex suit).
On Friday 29 October 2004 09:13, Nick Daniels wrote:
> "While some argue that many eyes lead to fewer security flaws, others argue that those wishing to exploit, or tamper with, open-source code have an easier time than with closed source code,"
On Friday 29 October 2004 17:13, Paul wrote:
> Hi Nick
> There is some grain of truth in both sides of the argument - Closed source, and any potential hacker has to work hard to find the flaws.. Open source, many eyes to spot the bugs.
> Regards, Paul...
> (off to find the nomex suit).
> On Friday 29 October 2004 09:13, Nick Daniels wrote:
> > "While some argue that many eyes lead to fewer security flaws, others argue that those wishing to exploit, or tamper with, open-source code have an easier time than with closed source code,"
Hi
That was not my point, if a report was commissioned and it came to the conclusion abc why should the conclusion be changed to xyz? For fear of upsetting certain individuals or companies? Who changed the report? How were the changes visible in "secure" operating system? Does the government use Word?
Regards
Nick
Hi Nick
On this, I will not disagree - If the report came to a particular conclusion, then those responsible for it should have the balls to stand by it. Unfortunately, it appears to be a common practice within government bodies to "sex up" or "dumb down" reports to meet their requirements...
Regards, Paul.
On Friday 29 October 2004 18:49, Nick Daniels wrote:
> That was not my point, if a report was commissioned and it came to the conclusion abc why should the conclusion be changed to xyz? For fear of upsetting certain individuals or companies? Who changed the report? How were the changes visible in "secure" operating system? Does the government use Word?
On Fri, Oct 29, 2004 at 06:49:25PM +0100, Nick Daniels wrote:
> That was not my point, if a report was commissioned and it came to the conclusion abc why should the conclusion be changed to xyz? For fear of upsetting certain individuals or companies? Who changed the report? How were the changes visible in "secure" operating system? Does the government use Word?
Because maybe someone put in what they felt was correct and it wasn't the decision of the group. Quite often when working on a collaborative document many revisions will be made and some will even contradict themselves. It could be that a mad lone penguinista wanted to write that but the whole group decided that it wasn't an accurate statement or more likely that perhaps people (read Microsoft) would seize on that statement and use it to debunk the entire report using some of their own statistics from their "get the facts" campaign.
Adam
On 2004-10-29 09:13:39 +0100 Nick Daniels nick@danielsn.freeserve.co.uk wrote:
> The Office of Government Commerce's report into the viability of using open-source software in the public sector was toned down [...]
Richard Allan (LibDem IT spokesman) wrote "Two Cheers for the OGC" about this at http://www.richardallan.org.uk/index.php?p=259
> A copy of the report, seen by silicon.com with amendments still visible,
Proprietary formats with embedded revision control again, do you think? I've seen both that and the odd habits of web Content Management Systems bite government so many times.