This is cache of http://feeds.feedburner.com/~r/StillsecureAfterAllTheseYears/~3/270718783/mcafees-open-so.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
McAfee's open source statements are fighting words to Matt Asay
2008-04-15 08:47:01 by HASH0x8b572d0 in StillSecure, After All These Years
 

Bulldog Matt Asay has become rather predictible. Say anything negative at all about open source and out comes the Utah bulldog from the dog house straining to break free of his leash. Now Matt is saying that the McAfee folks have libeled open source in a recent white paper they released on botnets. Here is the quote in question:

Taking the bot controller offline may kill a botnet. As a result, many bots use a Dynamic Domain Name System (DDNS) or have a list of backup IP addresses to survive such an event. Bot technology is rapidly evolving, often aided and abetted, unfortunately, by the open-source movement. [Emphasis Matt's.]

So Matt does his due dilligence and cannot find any evidence to back up what McAfee says. On top of this Matt remembers that McAfee said in in a recent financial statement that open source licensing is a threat to its business (again these are Matt's words). From there Matt looks up botnets in Wikipedia or some other such place and finds out that botnets are mostly installed on Windows machines. Well that is all this open source watchdog needs to get him going! Of course Windows gets more botnets, after all it is not as secure or as good and the people who use it are not as smart as Linux, the darling of the open source crowd.

So here is my problem with Matt's positions. Number one on the white paper, I don't think McAfee was talking about Linux versus Windows at all (as much as Matt would like to think so). I think McAfee is referring to open source applications like dynamic domain name systems (DDNS) and other open source enabling technologies. There is more to open source than Linux Matt. McAfee is saying that hackers are using the same open source components and network enablers that many legitimate applications are using, to make more effective and dangerous malware. The open source crowd is not doing it on purpose, but it is being used. What is the big deal here. Matt don't you agree that people can use tools for good and bad. Just because it is open source does not mean it cannot be abused or used for malicous purposes. Stop being so sensitive Matt!

Further on McAfee's earlier statement about open source licensing being a threat. Come on guys. It was boiler plate provisions that some of the applications and products that McAfee itself sells contain open source components. Depending how and when a real court ever interperts OSI licenses like the GPL it could have a profound impact on McAfee's business. It could have a profound impact on a lot of businesses for that matter.

Bottom line Matt, I think you are barking up the wrong tree here. Why not head back to the doghouse and wait for the next unsuspecting stranger to walk by and who tries to say anything bad about open source. Me, I think I will appreciate all of the good that open source brings, but realize it can be used as an agent for evil as well.

 
Tags: source, matt, source brings, matt asay, source applications, linux, linux versus windows, source watchdog, mcafee
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia