Re: [Fed-Talk] Apple closes down OS X Kernel
Re: [Fed-Talk] Apple closes down OS X Kernel
- Subject: Re: [Fed-Talk] Apple closes down OS X Kernel
- From: Brian Raymond <email@hidden>
- Date: Wed, 17 May 2006 18:14:01 -0400
- Thread-topic: [Fed-Talk] Apple closes down OS X Kernel
Title: Re: [Fed-Talk] Apple closes down OS X Kernel
Vendor lock-in, that is a concern for any platform closed or open that gets lost in the static a lot. I won’t name any names but I was recently supporting an exercise that standardized on Windows XP desktops and 2003 servers because that is the way the entire service is going.
I imagine a few of us have seen the extremely large MS contracts that the Army, Air force have put together, so you know where I might be going with this. Given the large investment, justifying something that isn’t MS since it’s already paid for is hard. Above and beyond that the thought is that it just makes life “easy” so they are running with MS end to end in a lot of places. It’s inevitable no matter which platform you are on that the infrastructure will suffer from a virus, trojan, Bill liking the Taliban ;-) , etc. and those assets will be brought down or compromised long term because of that.
If you place all of your eggs in one basket, no matter how strong it is perceived to be it’s inevitable something will happen and when it does you will lose everything (end to end) and not just a subset since everything is sitting in the same basket.
- Brian
On 5/17/06 6:02 PM, "Michael Pike" <email@hidden> wrote:
On 5/17/06, Brian Raymond <email@hidden> wrote:
I've used all of those arguments as well to fight for OSX/Linux/Solaris (used the closed source = security argument for Solaris in the past) in different environments to justify differnet things so I know very well how that can work.
I fought the "closed source = security" battle in the past at DISA in front of some high ranking officials and I have kept up with that fight in my current work and although that argument still holds a lot of strength it is being eroded away. Security through obscurity has won a lot of battles but hopefully in the not too distant future the general consensus will be that "security through obscurity" doesn't in itself imply a solution is more secure (read: closed source = high security).
I didn't go far enough to say "security through obscurity is no security at all" because that argument will take a long while to win.
Next time they argue in favor of closed source and "Microsoft only", ask them what happens if Bill Gates decides he likes the Taliban... do we really know that there is nothing in Windows that will bring us crashing down? Or hell, even a programmer at MS... what if they put in a little hook themselves.. similar to an Easter Egg only a lot more violent.
mike
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden