Return-Path: <sentto-279987-4980-1026624162-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sat, 13 Jul 2002 22:26:09 -0700 (PDT) Received: (qmail 5309 invoked by uid 510); 14 Jul 2002 05:22:05 -0000 Received: from n5.grp.scd.yahoo.com (66.218.66.89) by all.net with SMTP; 14 Jul 2002 05:22:05 -0000 X-eGroups-Return: sentto-279987-4980-1026624162-fc=all.net@returns.groups.yahoo.com Received: from [66.218.66.98] by n5.grp.scd.yahoo.com with NNFMP; 14 Jul 2002 05:22:42 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_7_4); 14 Jul 2002 05:22:42 -0000 Received: (qmail 83623 invoked from network); 14 Jul 2002 05:22:41 -0000 Received: from unknown (66.218.66.218) by m15.grp.scd.yahoo.com with QMQP; 14 Jul 2002 05:22:41 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.scd.yahoo.com with SMTP; 14 Jul 2002 05:22:41 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g6E5NoO27990 for iwar@onelist.com; Sat, 13 Jul 2002 22:23:50 -0700 Message-Id: <200207140523.g6E5NoO27990@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Sat, 13 Jul 2002 22:23:50 -0700 (PDT) Subject: [iwar] [fc:Could.Cyber-Terrorism.Promote.Open-Source.Software?] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=5.0 tests=DIFFERENT_REPLY_TO version=2.20 X-Spam-Level: July 8, 2002 Could Cyber-Terrorism Promote Open-Source Software? <a href="http://www.cutter.com/press/020708.html">http://www.cutter.com/press/020708.html> Cutter Consortium Cutter Consortium Fellow Ed Yourdon recently stated that a paradigm shift could possibly occur overnight if we are subjected to a dramatically successful cyber-terrorism attack. This new paradigm might be a government-imposed mandate to use open-source software. In his latest book Byte Wars, Yourdon suggests that since September 11 we live in a world of unpredictable, and sometime malevolent, disruptive change. In the book he argues that this new state of affairs, which we must assume will persist for the next several years, is likely to cause a number of paradigm shifts in the IT industry, as well as various other parts of society. This potentially-mandated use of open source is one such change. Says Yourdon, "Even without another dramatic incident, September 11 set into motion a series of analyses and assessments that could cause a dramatic shift toward open-source software. Up until now, we've heard discussions and debates about the marketplace acceptance of open-source systems like Linux, and the open-source advocates might have predicted that within another 5 or 10 or 20 years, their paradigm for software development would gradually dominate the more familiar and traditional paradigm of proprietary software. "But, if a terrorist group uses a cyber-attack to bring down the nation's telecommunications network, or banking network, or air-traffic control system, or electric power grid, or any other part of the 'critical infrastructure' for even a day or two, the situation could change dramatically -- a government mandate to use open-source could not only accelerate an otherwise slow and steady movement, it could enforce it as a matter of law." In Yourdon's opinion, the two most important issues with adopting open-source have to do with security and the ability to make changes to software quickly. "First," he says, "open-source, quite simply, is subject to the scrutiny of thousands upon thousands of programmers all over the world. Second, there is the issue of rapid change: if any large-scale user of a software package discovers a bug or a security flaw, how quickly can it be changed? When dealing with Microsoft, IBM, Oracle, or any other traditional vendor, the answer is: only when they acknowledge the bug or flaw, and only when it fits into their schedule and priorities. When faced with a serious security vulnerability, one would assume that it's in the vendor's best interest to fix it quickly; but when it comes to more traditional bugs and limitations of the software, the vendor's priorities and self-interest may not be the same as the user's. With open-source software, any user who wants to, or needs to, make a change can do so whenever he or she wants -- at least in theory, if not in practice." Yourdon recommends that corporate IT planners develop a contingency plan for such a scenario. "The need to do so is fairly obvious: if DoD or other federal, state, and local government agencies are among your largest customers, but a government-wide mandate would quickly spread to aerospace/defense contractors, other Fortune 500 companies, and ultimately to the entire IT industry. Companies should take some relatively painless steps to ensure they are not utterly dependent on proprietary software to get their work done." Yourdon suggests companies begin looking at open-source alternatives to the proprietary packages they depend on today, such as the Mozilla Web browser and Sun's Star Office. Yourdon concludes, "If someone had told me a year ago that the Taliban would hasten the move to open-source computing, I would have dismissed it as a crazy idea. But these are crazy times, and we have to keep reminding ourselves to reexamine and reassess the assumptions and paradigms we depended on in the past." Could Cyber-Terrorism Promote Open-Source Software? ------------------------ Yahoo! Groups Sponsor ---------------------~--> Save on REALTOR Fees http://us.click.yahoo.com/Xw80LD/h1ZEAA/Ey.GAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:31 PDT