The reason it is good news for shareholders of Google and open source advocates are obvious:
- In developing another source of income Google's profits will sore
- Google is built on open source, from the Linux operating system to all the web applications it utilizes to the database servers to runs everything in Google
What is not obvious is why it is good news for the American public - open source programs and application suites are less expensive than the closed source programs and applications offered by Microsoft and is more secure than anything from the closed sourced community.
At this point you must be really confused. If open source is more secure and less expensive that closed source why is it bad news for Department of Homeland Security? Well, from it's inception the DHS has been having trouble justifying the cost and size of it's IT department. DHS spends hundreds of millions of dollars each year on computers and computer security systems and they still have on average over 6,000 successful breaches to their computer systems every month. DHS only uses Microsoft products and Microsoft certified third party applications and devices. This is the same agency that wants the whole Federal government to use only Microsoft products and Microsoft certified products.
A little known Linux fact will explain why Linux is so secure - back in the early days of Linux development, the National Security Agency (NSA), a US super secret security agency, adopted Linux and modified the kernel to make it secure and created a new Linux distribution called Security Enhanced Linux or SE Linux for short. Over time the SE Linux kernel was incorporated into the main Linux kernel and is now standard in most distributions of Linux like Red Hat Enterprise Linux, Fedora, Novel SuSE, open SuSE, Mandiva, Debian, Ubuntu and Centos.
Other open source providers like openoffice.org (office suite) and MySQL (database suite) have adapted the principals of SE Linux into their code. The principals of SE Linux is to treat all users and input sources as suspicious and a threat to the system. Before anyone can do anything in Linux they must be authenticated - i.e. provide a username and password combination that is registered in the system. They can only access data and services that are allowed in their personal and group profiles. Likewise, in both openoffice.org and MySQL applications, users can only access files and data that their user profile allows. Also these applications can only access services and devices that the user is allowed to access.
This is why Google's venture into supplying web applications to the US government is bad news for cyber-terrorists, Microsoft and DHS:
Cyber-terrorists will find it extremely difficult to penetrate open source systems used by Google - just ask the Chinese how long it took them to break into Google and how soon after breaking in they were detected.
Microsoft products are notoriously buggy with many security holes. Microsoft's philosophy is simply deny there is a problem. Any security issue that is not confirmed by Microsoft just do not exist. When faces with irrefutable evidence, look for third part software to blame. This philosophy has allowed Microsoft to have security issues that are unresolved for up to two years. When a large organization suffer major losses because of the security issue and threaten Microsoft, the security issue is suddenly confirmed and fixed within a few months.
The DHS is so tightly tied into the Microsoft food chain that they believe whatever Microsoft says is gospel truth - open source and Linux is very insecure, therefore if the DHS were to go open source the successful security breaches will more than double and will require extensive retraining of the IT department. The only thing true about DHS argument is the IT department will need extensive retraining to learn what Microsoft did not want them to know - how to implement proper security. The retraining costs will be recovered from the savings of no annual software licensing fees, the costs of purchasing new software suites, the need for replacing hardware every two to three years to run the new software suites on.
Other savings include less reliance on expensive third party security suites and reduced IT support staff. Third party security suites will almost become useless as they only exist to "secure" the Windows environment. About 90% of the computer security industry exists because of Windows insecurity. As open source systems and applications are more secure, reliable and less buggy, there is less demand on the IT support staff. In short, the DHS will have to downsize their IT department resulting in a corresponding cut in their budget.
No comments:
Post a Comment