July 28, 2004 2:27 PM


I've been citing Wikipedia articles a lot in my recent postings.

I'd like to give the Wikipedia people a bit of a plug. They've started a free encyclopedia, written by... well, anyone who cares to help write it. ("Free" in this case means both the free software and free beer senses of the word.) The web site that hosts the encyclopedia is a "Wiki", a system that allows anyone who sees a problem with a page, or wants to contribute to it, to do so immediately. There is literally a button on every part of every page named "edit".

Wikis, like all "open source" style projects, work on the stone soup model. You start with a small implementation of an idea and convince lots of people that they should help you improve it. What starts as a kettle and a rock turns into something far, far better. The public good "problem" is stood on its head. The non-rivalrous, non-excludable nature of pure information doesn't bring the "market failure" traditional economic analysis would predict, but instead becomes an advantage begging to be harnessed.

If any project shows the power of an open source community, it is Wikipedia. In a few short years, they've produced, for free, one of the best information resources I'm familiar with, and they've barely even started. If you haven't looked at Wikipedia, you should.

By coincidence, Slashdot is running an interview today with Wikipedia's founder, Jimmy Wales.

There's a great quote in the interview that I'd like to share:

I frequently counsel people who are getting frustrated [...] to think about someone who lives without clean drinking water, without any proper means of education, and how our work might someday help that person. It puts flamewars into some perspective, I think.

Imagine a world in which every single person on the planet is given free access to the sum of all human knowledge. That's what we're doing.

I think he's on to something. Couple

  • An internet filled with the complete sum of human knowledge
  • $10 laptop computers with cheap satellite internet access

and I think that it will no longer be possible to keep people poor and ignorant unless they want to be, no matter what their neighbors, religious leaders and governments might want.

For a fictional vision of what such technologies could bring, see The Diamond Age by Neal Stephenson.

July 27, 2004 12:03 PM

News Flash: Proprietary OS Vendor Dislikes Linux!

Dan O'Dowd, the CEO of Green Hills Software (which sells proprietary operating systems, often for defense contracts) has written an article in which he argues that Linux (and by implication, all open source software) should not be used in defense contracts. He claims that open source is a major security threat to defense systems, because evil foreign agents could infiltrate the open source developer community and insert trojan horses into software later used for military purposes.

I'm a big believer in avoiding the ad hominem fallacy, so even though Dan O'Dowd has every reason in the world to make this up from whole cloth to protect his business, let's treat the claim seriously and address it.

It is true that evil foreign agents could try to get trojan horses into the Linux sources (as could evil domestic agents). However, they could also get jobs with companies like, say, Green Hills, or other defense contractors. The latter would seem like a far more direct route to sabotage, since you get a close look at how your software will be used and thus can plan your sabotage much more effectively.

Although it is true that people working on defense contracts usually have security clearances, it is far from clear that such clearances actually prevent espionage or sabotage. I know of no studies that validate the methodology used in security clearances, and certainly the "security clearance" barrier hasn't prevented lots of folks from causing damage to U.S. interests even when they've had the clearances.

It is also the case that much of the software that goes into defense systems is produced by people with no clearances whatsoever. I doubt that Green Hills, for example, always goes to the trouble of clearing the people who work on its base software products if they are not going to be doing classified work.

We also have the question of the "many eyes" theory of open source security, which O'Dowd makes fun of. Many open source advocates note that since anyone who wants to can read the source code to an open source product, it is harder to conceal back doors. O'Dowd attacks this by saying that there are nonetheless security holes found quite regularly in Linux. What he does not mention is that there are also security holes found quite regularly in Windows and other proprietary operating systems, and that there might even be security holes in his own products. The question we are looking at here is not whether there are bugs (there always are); the question is whether it is easier or harder to conceal an intentional flaw in an open source system than in a closed one.

Although it is true that the ability of large numbers of people to read the code is no panacea, it certainly is a help. Comparatively few people get to read the code in proprietary systems, such as the ones Green Hills sells, so there are fewer people in a position to catch a trojan inserted by a rogue programmer.

Mr. O'Dowd also misses one of the most important aspects of security -- he fails to discuss the economic tradeoffs (if any) being made in a given security decision. He mentions only the possible problems of using an open source operating system, but he ignores the price associated with not using one. Against the weak claim of decreased security, we have to balance the loss of functionality and increased cost that using a proprietary operating system might cause. Developers do not select open source software at random. They adopt it because it gives them better functionality and has a lower cost.

Indeed, the cost savings and productivity benefits of open source systems might easily make it possible to devote more effort to security in a design, and the improved tools available can make security far easier to implement. Open source operating system users take features like packet filters, MMU-based memory protection between processes, logging facilities, etc., for granted, but these features are not available in many conventional embedded operating systems. Even the ones that do have any particular feature rarely provide the breadth of functionality of the open source systems.

Lastly, let me note that Mr. O'Dowd appears to be inventing the threat he describes. I doubt he has any actual evidence of evil foreign agents trying to subvert defense products by sneaking trojan horses into the Linux source base. If he does have such evidence, he did not mention it.

Overall, I think his argument against open source is pretty weak. I don't think defense agencies should give it much heed.

Posted by Perry E. Metzger | Categories: Open Source, Security