MediaFilter on Thu, 2 Apr 1998 11:18:45 +0200 (MET DST) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
<nettime> Out the Windows |
OUT THE WINDOWS Open source code development is the key to real progress and growth in the now tired monopoly marketplace that has up till now limited the vast creativity and innovative talents that yearn to be free from the tyranny of overly- hyped, rushed to the marketplace, bad code. The first massmarket computers had DOS and today's massmarket operating system is still trying to recover from the plagues of its legacy... and before that, in order to meet their contract deadlines, without thinking ahead, just to make the machines do what they promised to make them do, a bunch of COBOL programmers saved some BYTES to speed up the power of the banks to count money...not realizing that by the time they were entering into retirement, they would find themselves once again in demand to come back and clean up their messy legacy, the TWO DIGIT DATE a/k/a MILLENNIUM BUG... These lessons are important to note of as we move on into a refreshed climate of open development with the high level of enthusiasm for projects like the free LINUX operating system and JAVA and the release of the sourcecode for NETSCAPE--all the elements to push computing and network communications and production of audiovisual media to a new level by allowing independent developments of the tools and applications for everyday use. No code should be released before its time! If FORD or GM sold cars with as many bugs as much Monopolycorporate Software (MS), the repair costs from the millions of recalled vehicles would drive them out of business. Independent developers should heed this call.... Better and less expensive...there is no doubt that LINUX is a far better operating system than any brand of WINDOWS or MacOS but it is difficult for most people to use LINUX because there is a shortage of development of GUI's and popular applications that are otherwise widely available for lesser operating systems. Popular application development in JAVA is the key to transitioning from an expensive, inferior operating system, to a superior, INexpensive one on a mass level. Once code will run an any platform, regardless of CPU, the OS monopoly is broken and free development can flourish, spawning opportunities in its wake. But, before we get too euphoric, let's get back to the potential plagues of legacy code that can force any development back to the drawing board... We run LINUX here on our net at NAME.SPACE and we love it ...and the open development aspect of it. However, there are many practical reasons why we will eventually abandon LINUX on our critical servers and replace it with netBSD (another free version of UNIX) because LINUX has too many insurmountable security holes--legacy code--built into it. One of the most disturbing and least likely to be fixed in the short run is the LINUX memory management structure (referred to as "trampoline" structure) which, due to the its executeable memory stacks, makes it succeptable to stack overflow exploits which gives predators a rootshell and thus control and full access to the machine. The many security flaws in LINUX are well known and there are many "tools" available on the net for even unsophisticated predators to use to totally HIJACK a LINUX host. [ Some of these flaws have been demonstrated to us during ] [ a recent security audit performed on our systems by ] [ our technical team and it was a very rude awakening. ] As a standalone machine without outside users however, LINUX is an inexpensive, superior OS and excellent example of open source development. Just make a release that is easier to install than the MS systems and everyone will switch! The cautions are not meant to diminish the value and necessity of open-source code development--quite the contrary-- but as a reality-check on the inherent vulnerabilities to security on an individual as well as a network level by running code that is not quality controled. (not that we should "trust" any Monopolycorporate Software-- quite the opposite) If open source development is to succeed, then we must encourage not only its existance and growth, but also come up with a process of reviewing and evaluating the "health" of the applications we run. As simple users, most people are unaware of the ways in which their privacy and security is compromised on a daily basis by running the MS applications available to them. Recall for example the ActiveX threat revealed two years ago by the Chaos Computer Club (CCC) in which a user of windows running Quicken could have money transferred from their account to another without their knowledge by a nasty implimentation of ActiveX. Other examples abound, and more are yet to be discovered. In this light, it is imperitive that an independent consortium of programmers, security experts and developers set up a forum to freely exchange knowledge and testing of software. This already exists outside the corporate government structure in many forums including publications like 2600 and the efforts of Computer Professionals for Social Responsibility (CPSR), CCC, EFF and others, but their audience has mostly been limited to their small communities of specialists and enthusiasts. It is important to create a bridge to the less sophisticated users and non-specialists so they can increase their awareness in the risks and benefits associated with computers and online culture. Socially responsible and conscious programmers and technical experts should devote a portion of their time and energy to evaluating applications and educating the users as to the benefits and risks of running them. Making the source-code publicly available makes all programmers accountable for their work to ensure that users are not exploited through TROJAN HORSE backdoors or other "Data Body Invasions" that may be coded into applications by the unscrupulous. Freely available code and easy to use applications will create the liberty to throw all the legacy MS stuff out the window... The next step is for all programmers who work for MS companies to quit their jobs, and start working at home writing shareware...the world will probably benefit with much better code, and the programmers themselves will make a better living while leading the lives they choose to lead, writing code in between. --Paul Garrin 04011998 Footnote: The EPOCH of the UNIX operating system (of which LINUX is a flavor) begins on midnight, 0.00 UTC, January 1, 1970 and looks forward. The UNIX "Millenial Crisis" will hit on Monday, January 19 2039 03.14.07 UTC... --- # distributed via nettime-l : no commercial use without permission # <nettime> is a closed moderated mailinglist for net criticism, # collaborative text filtering and cultural politics of the nets # more info: [email protected] and "info nettime-l" in the msg body # URL: http://www.desk.nl/~nettime/ contact: [email protected]