Edmund Storms wrote: > They say this is an open system, which has the advantage of putting > the user in control. Why would it not also put the hacker in control? What's the problem with open source, aside from the fact that anyone can learn how the system works? I don't see one.
Security based on secrecy doesn't work very well -- one leak and you're dead meat -- so opening the source is not in itself a problem. In fact it's widely felt that voting machine software, to name one example, would be far more secure if it were entirely open. Secret "backdoors" are secure as long as they're secret, but they're generally considered totally unsecure, because they don't stay secret. The only thing opening the source does is, it makes it impossible for the vendor to retain the capability to prevent improvements. The user chooses the software to put on their machine, and they'll choose the version from Google *unless* there's a version which is better (or equally good and cheaper). With a closed-source system, on the other hand, you can drop the "*unless*" clause: there is only one version available. And that's the only real difference. Finally, as an observation on who this helps and who it hurts, my guess is it's going to end up hurting the consumers most of all. Google is a company driven *entirely* by ad revenue AFAIK and one of their primary missions seems to be to make ad delivery (and content delivery) secure and reliable for the advertisers and content vendors. They are squarely on the opposite side of the fence from FSF. Check out Chrome, and think about these questions: What's Chrome got? Lovely UI. What's it missing? Cookie control!! You get better tracking cookie control with IE than you do with Chrome! Unless Google has changed this, the concept of arbitrarily limiting cookie lifetimes to the life of the session (with a list of exceptions) is completely missing from Chrome. I believe there were some other cookie control issues as well, but that was the big one, which really stood out for me: Use Chrome, be tracked, it's as simple as that -- and the old argument that they can't match up the cookies with *you* is either already false or certainly likely to be false in the future. If Google can push something on consumers which "frees" them from Microsoft while simultaneously "freeing" the vendors from the nasty cookie controls of Firefox they'll view it as a home run, I'm sure. > > Ed > On Jul 8, 2009, at 12:49 PM, OrionWorks wrote: > >> I've labeled this thread "OT" because the subject would seem to be >> unrelated to the issues concerning the occasionally scrappy process of >> developing alternative energy strategies. >> >> But then... maybe it does bare some semblance: >> >> http://www.cnn.com/2009/TECH/07/08/google.chrome.os/index.html >> >> Regards >> Steven Vincent Johnson >> www.OrionWorks.com >> www.zazzle.com/orionworks >> >