08Mar2009 (UTC +8) On Wed, Apr 8, 2009 at 10:46, Rogelio Serrano <[email protected]> wrote: >> “Further, these top hackers have targeted the national and local websites of >> the > PIDS, DOST, DOLE, Napolcom, Supreme Court and Department of Education which > are using the Linux Operating System, a free and openly available software > which > makes them highly vulnerable to hacking,” > > Why do i feel that we just totally got whipped and lost the > Philippines to M$? Its looking pretty hopeless from my point of view.
I do not share your sentiments. In the Philippine banking industry alone, which is one of the most conservative in terms of adoption of bleeding-edge and open-source technologies, there are about 50/50 usage for MS Windows Server and Unix-flavored web application servers. Anybody can do their own informal survey by using Netcraft and enumerating the BancNet, MegaLink, and ExpressNet member banks. We've also analyzed 10's of TBs of HDDs last year, and again also this year, all using Linux-based tools --results of which has been presented to several Audit Committees and batteries of lawyers. Also built a custom computer-crime lab for an organization using Fedora and other distros. And very soon, I'm going to testify in an international court here in Asia as to how we discovered electronic evidence (to help settle a multi-US$M dispute), but more importantly, how much we know how our tools work... I won't have the same confidence and trust in our tools if they weren't open-source. What I'm saying is, Linux may not necessarily be more secure by default install, nor is it immune from human-errors and poor implementation design, but its software is way more predictable and thus trustworthy[1]. And that is what really is more important. [1] An trait of something that can be evaluated and thus get an assurance that it'll do what it's supposed to do, no more, no less. Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Singapore / Manila / California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4 8363 FFEC 3976 FF31 8A4E _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
