Re: [Ilugc] [ILUG-C][OT] On matters of national security and open source
On Wednesday 06 July 2011 10:52 AM, Yogesh Girikumar wrote: But if there's sensitive data that's at risk of being siphoned off then it's a different story all together. So are you meeting them to convey your concern? At least track down who's responsible and start a conversation? :) Vamsee. ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [ILUG-C][OT] On matters of national security and open source
2011/7/6 Vamsee Kanakala vkanak...@gmail.com So are you meeting them to convey your concern? At least track down who's responsible and start a conversation? :) That is where I thought the open letter would help ! Track them down?? :) I would if I could or get a chance ! -- Y ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
[Ilugc] [ILUG-C][OT] On matters of national security and open source
Hi all, How would you all like to contribute to an open letter asking the Union Home Ministry, The National informatics agency, and the like to start using open source instead of proprietary software? It's a shame that most sites including those of National investigation agency, National security guards ( both were hacked very recently ), etc still use IIS. Seriously, IIS? And heaven knows why there was data in those servers that could be siphoned off. So I was thinking writing an open letter to those douc***ags in plain english on what this is all about and how and why they should rethink about using proprietary software that rely on security by obscurity. Please share your views. -- Y ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [ILUG-C][OT] On matters of national security and open source
On Wednesday 06 July 2011 07:22 AM, Yogesh Girikumar wrote: So I was thinking writing an open letter to those douc***ags in plain english on what this is all about and how and why they should rethink about using proprietary software that rely on security by obscurity. Writing an open letter is all fine, but you have to think from their shoes. These companies are led by bureaucrats who haven't been trained in god knows how long and they simply don't know any better in most cases. Most junior-level employees who can effect changes don't have any power to do so or the will to fight the system. If you go and meet these guys, the response will most likely be, thanks for bringing it to our attention. So who can set this up and give us SLAs, and where do we sign?. So unless you're approaching them with a reasonably complete solution that addresses this problem, you can mostly expect as much animosity as you're showing them in return. So instead of writing them an accusatory open letter that is only likely to get them even more defensive, try meeting any of them and ask, this is what I do for a living, how can I help?. That would help you understand the challenges they're dealing with, and help you propose a more meaningful solution. Vamsee. ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [ILUG-C][OT] On matters of national security and open source
2011/7/6 Vamsee Kanakala vkanak...@gmail.com On Wednesday 06 July 2011 07:22 AM, Yogesh Girikumar wrote: So I was thinking writing an open letter to those douc***ags in plain english on what this is all about and how and why they should rethink about using proprietary software that rely on security by obscurity. Writing an open letter is all fine, but you have to think from their shoes. These companies are led by bureaucrats who haven't been trained in god knows how long and they simply don't know any better in most cases. Most junior-level employees who can effect changes don't have any power to do so or the will to fight the system. If you go and meet these guys, the response will most likely be, thanks for bringing it to our attention. So who can set this up and give us SLAs, and where do we sign?. So unless you're approaching them with a reasonably complete solution that addresses this problem, you can mostly expect as much animosity as you're showing them in return. So instead of writing them an accusatory open letter that is only likely to get them even more defensive, try meeting any of them and ask, this is what I do for a living, how can I help?. That would help you understand the challenges they're dealing with, and help you propose a more meaningful solution. Vamsee, I can't agree more with your point. There are people the government can turn to for help in these matters. I can think of CDAC and NRCFOSS. I'm sure that Microsoft did nothing more than to just sell them IIS. What about the guy(s) who designed and developed the site. If it's merely a website that people visit to learn more about the agencies, then there's not much to worry. But if there's sensitive data that's at risk of being siphoned off then it's a different story all together. -- Y ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc