[CLUE-Talk] Fwd: FC: More on terrorists using open source software to wreak havoc
charlie oriez
coriez at oriez.org
Wed Jun 5 12:40:35 MDT 2002
So ADTI publishes a pro Microsoft / anti open source piece. Here's some
response. Note especially the item towards the bottom:
"I think it's unlikely that there exists anywhere in the world a more
toadying opinionfactory, begging to trade persuasion stamped "nonpartisan"
for corporate cash. Most "think-tanks" have erected a much better facade.
The ADTI's is balsa wood and refrigerator boxes."
Incidentally, ADTI's commitment to MSFT at the expense of open source extends
to using Apache as their web server.
---------- Forwarded Message ----------
Subject: FC: More on terrorists using open source software to wreak havoc
Date: Wed, 05 Jun 2002 09:57:53 -0700
From: Declan McCullagh <declan at well.com>
To: politech at politechbot.com
---
Date: Wed, 5 Jun 2002 00:23:29 -0700
From: carey <carey at tstonramp.com>
To: declan at well.com
Subject: Re: FC: Terrorists could use open source software to wreak havoc!
Declan,
I thought this was mildly amusing when I saw it as well. I decided
to go hit up Mr. Ken Brown who was listed as the President of ADTI and
see what his answer to the funding question was. He sent me a rather
cryptic, dodgy response.
Especially strange is # 3. Also the tripe about
'true patriots' was a bit funny. What, true patriots don't use linux?
--------------------------------------
From: "Ken Brown" <kenbrown at erols.com>
Sent: Sunday, June 2, 2002 11:02 AM
To: carey at tstonramp.com
Subject: RE: Quick and curious
Our position is as follows:
1: No software is invulnerable. Thus all software inherently has security
problems
2: Those with motivations to crack a software for bad reasons, etc. will do
so, regardless whether the product is os or proprietary.
3: OS is a sound, credible approach for creating systems for the Internet,
etc. however, its basis is upon sharing. While we understand that all OS
does not have to be shared a majority of it whether it is commercial or
non-commercial is shared. GPL and GPL licensed applications are over 80% of
popular OS products today. GPL and LGPL stipulate that sharing must occur.
4. National security systems must be secret. Anything or anyone that poses
any type of indiscreet sharing of intimate information about our
government's IT infrastructure is an inherent threat.
Therefore:
Due to increased interest by bad people in our national security system's
vulnerabilities, we should avoid use of systems that enable, require or
mandate indiscreet sharing.
Microsoft and people's hate for Microsoft is irrelevant. True patriots will
come to grips with the reality that really bad people want more information
about our nation's computer systems; and giving bad people indiscreetly any
information about our systems is reckless.
kb
-----Original Message-----
From: carey [mailto:carey at tstonramp.com]
Sent: Friday, May 31, 2002 5:12 PM
To: kenbrown at erols.com
Subject: Quick and curious
I'm sure I -could- find this on the net already, but I'd figure I'd ask you
first.
Just curious, given your heavy coverage of Microsoft related issues, if you
received any funding from a Microsoft-based group?
Also, how long have you been in existence? I ran across an article today,
and I was a bit curious.
Thanks in advance,
Carey Lening
===8<===========End of original message text===========
--
Best regards,
carey mailto:carey at tstonramp.com
---
Date: Wed, 05 Jun 2002 17:57:42 +1000
From: Nathan Cochrane <ncochrane at theage.fairfax.com.au>
Reply-To: ncochrane at theage.fairfax.com.au
Organization: The Age newspaper
To: declan at well.com
Subject: Re: FC: Terrorists could use open source software to wreak havoc!
I just had a browse around the ADTI site and I think the institution
suffers a weird form of cognitive dissonance that makes their stance on
free software even more hard to reconcile with their mission.
"Since 1988 the Alexis de Tocqueville Institution has studied the spread
and perfection of democracy around the world.
"Among these liberal ideals are civil liberty, political equality, and
economic freedom and opportunity."
How can a monopoly ever be considered preferable to a free and open
marketplace, or the contributions of volunteers, freely given, in pursuit
of an ideal, such as free software?
I just don't get it.
---
From: "Blane Warrene" <bwarrene at msn.com>
To: declan at well.com
Subject: Re: FC: Terrorists could use open source software to wreak havoc!
Date: Wed, 05 Jun 2002 10:01:01 -0400
How easily they overlooked the fact that one of the prime characteristics
of open-source software is the ability to customize and re-compile a kernel
or application (in essence make it proprietary for the individual or
institution using the software), closing doors left open in the original
source. This also changes the footprint of the application, making it much
more difficult for an outsider to "find their way in" to your installation
without your internal secured (we hope) documentation.
We have done this with several servers - re-building them for internal use
only, effectively changing the nature of the OS to meet our needs.
---
Subject: Re: FC: Terrorists could use open source software to wreak havoc!
From: Steve Stearns <sterno at bigbrother.net>
To: declan at well.com
Something came to mind recently that ties well into the white paper on
open source security risks from the Alexis de Tocqueville Institute.
Microsoft has openly admitted in court that there are significant
security vulnerabilities in their products. Vulnerabilities so
substantial that they believe it would be a national security threat to
open up certain parts of the source code. What protections exist to
keep that information out of terrorist hands?
The security presumption in open source is that, yes, there will be
bugs, but if everybody can see them, there is a chance for the "good
guys" to find and solve those problems before the "bad guys" exploit
them. The security presumption in proprietary code is that the
vulnerabilities can't be found without access to the source code. That
presumption is only as good as the security measures that are in place
within the company that writes the software. So, how hard would it
really be for terrorists or foreign agents to infiltrate Microsoft?
To put the scope of this threat into some perspective, think about how
many people within Microsoft had to be aware of these security problems
in order for it to make its way to a company executive who could allude
to it in court. How many layers of managers and development teams did
that information pass through? The more people who become aware of the
problem, the more risk that any one of those people is an infiltrator,
or potentially corruptible.
So how "confidential" is closed source software really?
---Steve
---
Date: Wed, 5 Jun 2002 12:16:42 -0400
From: Jamie McCarthy <jamie at mccarthy.vg>
Subject: Re: FC: Terrorists could use open source software to wreak havoc!
To: declan at well.com
X-Priority: 3
declan at well.com (Declan McCullagh) writes:
> Just because an entity receives MS cash does not necessarily mean
> MS dictates its opinions.
Tell that to the Institution itself; they seemed eager to play
"follow the money" back in 2000 (though this "study" they hinted
at doesn't seem to actually have been released):
http://www.adti.net/html_files/technology/pause_the_microsoft_case.htm
An Alexis de Tocqueville Institution study to be published
this spring, he said, is finding that a large number of
major soft dollar donors to the Democratic Party over the
last three election cycles are now plaintiffs, witnesses,
or beneficiaries in U.S. anti-trust cases.
Sure, maybe MS cash doesn't influence their opinions. Maybe they are
just a bunch of guys who really like to sit around and write opinion
piece after opinion piece, and do study after study, showing that
Microsoft is the greatest company in the world:
http://www.adti.net/html_files/technology/mcseStudyDraft.pdf
in which we see that many top firms think the MCSE is a
valuable certification
http://www.adti.net/html_files/technology/Ebert_Microsoft.html
the antitrust suit will destroy American tech leadership
http://www.adti.net/html_files/technology/scarborough_microsoft.html
Sept. 7, 1999: "if Microsoft actually is crushing competitors,
then what accounts for those companies' rising stock? Since
the federal government took Microsoft to court, Amazon.com is
up 838 percent, AOL up 555 percent..."
http://www.adti.net/html_files/thirdparty/clinchvalleytimes_agregory012000.ht
ml
January 20, 2000: "The recently announced $350 billion merger
between AOL and Time-Wamer, FFI says, is an indication that
Netscape Navigator owner AOL has nor been crushed by Microsoft's
'monopoly,' else how could it participate in this deal, the
biggest ever recorded?"
http://www.adti.net/html_files/technology/pressrelease_ms10242000.html
Japan, Switzerland, and the EU oppose Microsoft antitrust suit
http://www.adti.net/html_files/technology/marketplace_rule.html
Microsoft should be exempt from antitrust because "unlike
oil and aluminum, ideas and innovative technology can be
controlled by no company" -- that's a deep understanding of
the issues
And here's their pride and joy, a study showing that MCSEs
(Microsoft Certified Systems Engineers) are really in demand,
and they make good money!
http://www.adti.net/html_files/technology/studymcse.PDF
"A MCSE Introduction -- Training for the Digital Age"
"Any advice for MCSE's?" "Stick with it. If you are under
financial pressure it will be worth it to get certified and
don't get discouraged because it will pay off."
"[Getting MCSE certified] has made a huge transition. I
have met a lot of new people and people respect me more...
I know I will find a good job once I graduate."
and a bushel of reprintings of their press release for that study --
the ATDI is just *so proud* that actual newspapers picked it up and
ran blurbs on it:
the Pennsboro News... <http://www.adti.net/html_files/technology/
pennsboro_news_techtrends022801.html>
the Pelham Sun... <http://www.adti.net/html_files/technology/
pelham_sun_techtrends03801.html>
the Pioneer Shopper... <http://www.adti.net/html_files/technology/
pioneershpr_techtrends013001.html>
The Purple Squirrel... <http://www.adti.net/html_files/technology/
purpsquirrel_familiarity0201.html>
...and many others in their posse of pusillanimous pressmonkeys.
I'd never heard of the ADTI before this, but after spending an hour
or two crawling their site -- which by the way is hosted on unix
by the open-source software Apache -- I think it's unlikely that
there exists anywhere in the world a more toadying opinionfactory,
begging to trade persuasion stamped "nonpartisan" for corporate cash.
Most "think-tanks" have erected a much better facade. The ADTI's
is balsa wood and refrigerator boxes.
"In the United States, the majority undertakes to supply a
multitude of ready-made opinions for the use of individuals,
who are thus relieved from the necessity of forming opinions
of their own." -- Alexis de Tocqueville
---
From: "Thomas Leavitt" <thomasleavitt at hotmail.com>
To: declan at well.com
Subject: Re: FC: Terrorists could use open source software to wreak havoc!
Date: Wed, 05 Jun 2002 08:56:59 -0700
The whole "open source software is insecure" argument is specious... you
only have to look at the example of IRIX (SGI's proprietary version of
Unix) to see that security exploit techniques that target common
programming errors don't require access to source code. I remember seeing
almost daily reports that one or more new buffer overrun exploits had been
discovered at one point - and that is only one technique.
Regards,
Thomas Leavitt
-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------
-------------------------------------------------------
--
Charles Oriez coriez at oriez.org
39 34' 34.4"N / 105 00' 06.3"W
**
"Outside of a dog, a book is a man's best friend. Inside of a dog, it's too
dark to read".
-- Marx
More information about the clue-talk
mailing list