Open source security crusade

“Wake up, you sleepwalkers” is the title of the cover story in this month’s SC Magazine and it highlights a very real and growing concern amongst some security analysts.

The concern is that security is worse than it was 20 years ago, despite the fact that more money than ever is being thrown at it. The article is an insight into the security crusade started by open source fanatic Eddie Bleasdale.

You may have heard Bleasdale’s name before, as he hit the headlines last year over his allegations that OSS (open source software) was being used as a stick to beat Microsoft into lowering its prices, giving rise to the expression “doing a Newham”.

One of the real strengths of some OSS is that security is built in as a core feature rather than bolted on. This should mean fewer security flaws and fewer sysadmin headaches, even when problems arise down the road, years later. Windows 3.1 flaws being carried on to Windows XP are a good example of how earlier problems can come back to haunt you.

The world is watching Microsoft closely as Vista promises to solve security woes, but Mr. Bleasdale points to the introduction of even more headaches as Trusted Computing goes mainstream and threatens to break even more systems. The argument that the Trusted Computing Platform Alliance has been set up primarily to protect the interests of the media industry sounds truer each day.

Microsoft announced that Windows Vista won’t support DVD-ROM drives that do not handle region coding in hardware. The announcement comes hot on the heels of the Sony DRM “rootkit” debacle.

Oh, and don’t forget about the launch of Intel’s VIIV platform – essentially a Pentium III platform with Digital Rights Management. I fear that end users are going to have a very rough ride. The wake-up call cannot come soon enough.