Re: CRIME GNU Help

From: Crispin Cowan (crispin@private)
Date: Tue Jul 15 2003 - 19:33:45 PDT

Next message: Kuo, Jimmy: "RE: CRIME GNU Help"

Previous message: Kuo, Jimmy: "RE: CRIME GNU Help"
In reply to: Kuo, Jimmy: "RE: CRIME GNU Help"
Next in thread: Kuo, Jimmy: "RE: CRIME GNU Help"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Kuo, Jimmy wrote:

>Also, in AV, I don't have to worry about how I look in this debate, because
>there is no open source alternative.  Aside from the laughable (and illegal;
>technology and string information stolen from a Russian AV company) effort
>passing as Open Source AV, we are a service offerring, not just products.
>And this is true in much of the security arena.
>
That's because the virus problem itself is unique to proprietary 
operating systems :)

Caveat: Yes, I know about the few "proof of concept" viruses for *NIX. 
They are wind-up toys that never propagate effectively.

>The circumstance where Open Source is good at providing "patches" quicker
>than the proprietary arena involves the "emergency" scenarios.  And though
>this is true even for security products, what the "companies" are good at
>are the regular, mundane updates.  That's the service aspect that you can't
>buy with Open Source, and that's what's more true in our ("Security") area
>of expertise.
>
It's not free, but you can buy service for open source products. Many 
companies will sell you service for mundane tasks for open source 
systems. The above is just false.

>The issue of owning the source code for the service that you contract out.
>There has got to be an escrow aspect to the contract where the government
>can get that source.  That is in every contract that I've seen in a service
>contract.  The issue then is in how much someone is not doing their job
>according to the contract.  So, it boils back to the contract.  So, it's not
>really an Open Source issue.
>
Escrow is different from open source. If you had proprietary code 
provided via contract, and then you wanted to engage a different company 
for an upgrade, you'd be screwed: you're locked in to dealing with the 
same contractor, even if you were not particularly pleased with their 
performance. OTOH, if you had open source licensing terms applied to the 
bespoke software you contracted for, then you could engage anyone you 
wanted to subsequently update it.

Crispin

-- 
Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
Chief Scientist, Immunix       http://immunix.com
            http://www.immunix.com/shop/

Next message: Kuo, Jimmy: "RE: CRIME GNU Help"
Previous message: Kuo, Jimmy: "RE: CRIME GNU Help"
In reply to: Kuo, Jimmy: "RE: CRIME GNU Help"
Next in thread: Kuo, Jimmy: "RE: CRIME GNU Help"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 15 2003 - 19:48:08 PDT