Unfortunately, Chris, in the real world people have all sorts of motives/reasons for using particular technologies--mostly corporate requirements and inertia, so whatever solution is developed (and one will need to emerge quite quickly, I think) will need to be one that is not based on individual technical knowledge or on the immediate overthrow of MS hegemony...
It will probably have to come, as in the railways case I just sent, from the creation of some sort of public interest based regulatory framework. MG -----Original Message----- From: Christoph Reuss [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2003 4:01 PM To: [EMAIL PROTECTED]; Michael Gurstein Subject: Re: [Futurework] Responding to a Very Real Security Threat Michael Gurstein asked: > And if the security of one third of the US population and probably the > same proportion of the Canadian population have been severely > compromised by the action (or inaction) of the software supplier what > does this suggest as an appropriate policy/national security response > to the ever greater dependence of the world on a single software > supplier? Quite simple: The solution is to not use M$ wormware in mission-critical applications (like powerplants, sewage plants, train control systems etc.). For anyone with a modicum of IT knowledge, this had been obvious for a long time already. Trouble is that the reason is not really lack of knowledge, but rather vested interests and profit maximization, as in the power outage crisis (insufficient capacity of powerlines) too. That's why this kind of stuff is happening in NAm (most "advanced" in Enronitis). The problem is not only "dependence on a single software supplier", but mainly that this particular software supplier's software is worm/virus-prone *by design*. Cynically it can be said that this is not by accident but due to the fact that M$ software *itself* is designed to snoop around on --and manipulate-- users' machines (see the famous "Diskeeper"/Scientology affair, for example). Hence, crackers (and even relatively unable script-kiddies) can easily exploit the inherently "snoopy/virusy" architecture of M$ software (both OS and apps). In other words: Even if there would be a global monoculture of an Open Source system, the virus/worm problems would be MUCH less than with a M$ monoculture -- because an Open Source system does not have this design flaw ("snoopy/virusy" architecture), and the remaining few possible virus exploits can be rooted out (in advance!) by public scrutiny, instead of blindly depending on the high priests of Redmond. Anyway, Open Source discourages monoculture by adhering to open standards, unlike M$ which is famous for non-adherence to and even mutilation of standards (in order to force everyone to use M$ proprietary stuff). Bill Ward wrote: > I use only Microsoft platforms and always disable Microsoft Outlook > and the Microsoft address book although I realize that this does not solve > all problems. ^^^^^^^^^^===^^^^^^ ...especially not the W32.Blaster worm, which works directly in the OS and doesn't need Outlook nor the address book, nor any other email app. Chris _______________________________________________ Futurework mailing list [EMAIL PROTECTED] http://scribe.uwaterloo.ca/mailman/listinfo/futurework
