Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Defense, cybersecurity officials praise 'open source' software,

October 29, 2002 

Defense, cybersecurity officials praise 'open source' software 

By Drew Clark, National Journal's Technology Daily 

A Defense Department technology expert and a White House cybersecurity
official on Tuesday praised government's use of "open source" software
and said that its security can be preferable to that of commercial

Speaking at a conference sponsored by Dell Computer and Red Hat, which
distributes the Linux open-source software, the defense and
cybersecurity officials said they anticipate that government use of the
software will continue to increase. The source code for Linux and other
such software is open for public inspection, unlike that of proprietary

"Open source allows us the opportunity to have a pro-active and
pre-emptive identification of security holes by friendly analysis," said
Ken Linker of the Defense Information Systems Agency. He read the
written presentation of Robert Walker, the program manager for the
agency, which runs the software for a large portion of the department's
command-and-control systems. 

"As a result, this early identification and rapid repair of security
vulnerabilities has become a major advantage of open source over more
proprietary approaches to software development," Linker read. The
presentation was replete with positive references to the security
advantages of open-source software.

Whether open or propriety software is more conducive to cybersecurity
recently has become a matter of debate. The Microsoft-supported Alexis
de Tocqueville Institution has said that use the use of open-source
software puts the government at greater risk of cyberterrorism. 

In his presentation, Walker said Defense has heard three criticisms of
open source: that it exposes software vulnerabilities, that it could
introduce "Trojan horse" viruses, and that intellectual property rights
are jeopardized by the use of the "general public license," or GPL,
which is a common open-source license attacked by Microsoft for its
"viral" nature. 

Addressing the first point head on, Walker said the "con" that open
source "facilities subversion by hostile analysts of otherwise reliable
software" must be balanced against the "pro" that it "allows pre-emptive
identification of security holes by friendly analysts." As a result, he
said open source is superior. 

Walker also said the "risk of Trojan software in open source appears to
be no greater than the risk for proprietary" and may be less because of
the ability to conduct friendly analysis. 

He said Defense's key open-source concern involves the GPL. "For [the
department], 'capture' of proprietary software is a concern for the
areas of software development and research support," Walker said. But he
also criticized Microsoft for "unusually restrictive licenses." 

Marcus Sachs, director of the communication infrastructure protection in
the White House cyber-security office, said "the government isn't going
to take a position" for or against open source. "I think, personally,
there is room for both. The two can absolutely work together. The
question is, how do you make it secure?" 

Sachs also said that nearly one-third of all government Web sites use
Apache, the leading open-source server software. The number of military
Web sites using it is 22 percent, second to Microsoft's server software,
but military use of Apache is growing rapidly, he said.

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.