10.02.11

Bristol Council Claims it Chose Microsoft for ‘Security’

Posted in Europe, Free/Libre Software, Microsoft at 10:24 am by Dr. Roy Schestowitz

Bristol coat of arms

Summary: The laughing stock of the security world is said to have been favoured because it bought some expensive certifications

A FEW months ago we wrote about a bizarre dodge from Free software [1, 2], which happened after everything seemed finalised. No proper explanation was given and those involved were questioned about the sudden change of heart (with the suspicion that something nefarious had happened). Only months later, under persistent pressure from the public and from investigative journalists, we finally see this apparent excuse, which goes like this: “It has been considering a number of open source email solutions, but Bristol City Council confirmed to eWEEK Europe UK that none of them have the necessary government security accreditation to enable the council to use them.”

Is this the same reasoning which they gave to those companies? Is this an afterthought? An excuse? Being blessed by some expensive process (that carries no liability either) does not actually make the software more secure. It is not as though when Microsoft software gets cracked the certificate plays any role and somehow gives another target to point the finger at. This smells like dishonesty and since the White Houses uses Drupal and GNU/Linux, this claim holds no water, either.

There are many new examples of insecure proprietary software, one of which came last week from Novell on Windows. To quote:

“Unfortunately, a problem has been discovered with this file, which can potentially result in a system crash in certain circumstances.

The problem has been fixed, and the Client software has been re-released as Novell Client 2 SP1 for Windows (IR9a), available at:

http://download.novell.com/Download?buildid=rSUN_TTVSf0~

Please remove the (IR9) build, and use the (IR9a) version instead. We regret the inconvenience.

Thank you.”

How would certification have resolved such an issue? It wouldn’t have. In practice, Microsoft software and proprietary software are not secure, they are just more secretive and expensive.

The tale of Bristol has been followed quite closely by Mark Ballard, who writes about excuses such as the above (excluding all Free software in one fell swoop, pretending that Microsoft is the only secure option) in the following text:

Bristol City Council’s open source push has suffered another series of set-backs that point a finger of blame at CESG, the cyber security arm of government intelligence unit GCHQ.

Leaders at the local authority claim that the need for CESG security certification of e-mail systems effectively means the council has no choice but to buy Microsoft.

Senior Cabinet Office IT leaders have been asked to help as Bristol’s faltering open source strategy, still showing little progress after a year, highlighted problems besetting the coalition government’s own open source policy.

What a sham. As many other governments use Free software quite happily, this concern has little or no validity. It is a good excuse though — like one an employer uses to reject a candidate for reasons that are not technical/skills-related but qualifications-related.

In other news of interest, “U.K. Liberal Democrats urge open source,” but given the story of Bristol it seems like lip service. From the article:

The British government should ensure it owns all software code it pays for and should share that code for free within the public sector, says a policy paper adopted Sept. 20 by the Liberal Democrats party, the minority partner of the two-party ruling coalition forming the United Kingdom’s government.

In addition, the paper urges the British government to embrace collaborative software development along the lines of models on display at GitHub, an open source software project hosting website.

Someone should tell the Lib Dems that Bristol rejects British firms that offer Free software in favour of proprietary software from a foreign company with criminal history — software that the British public overpays for and has no control over.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. Michael said,

    October 2, 2011 at 11:50 am

    Gravatar

    Oh no! Someone made a choice Roy does not like!

What Else is New


  1. Censored EPO Publication: Staff Representatives Cannot Comment on the Survey Conducted by the Office's Management

    EPO management tried to muzzle EPO staff after the Office-wide staff survey turned out to be “nothing short of a disaster.”



  2. Censorship at the EPO is Counterproductive, Rendering the Censored Publications More Seductive and Censored People More Disgruntled

    The efforts to gag Techrights or to intimidate us have all been unfruitful; in a sense, they encouraged us to focus on EPO scandals even more and arguably invoked the 'Streisand Effect' at the EPO (most workers read this site, no matter what their bosses say)



  3. EPO Management Has No Plans Other Than Granting Loads of Invalid Patents (e.g. Software Patents) to Pocket Fees and Then Grift/Gamble With the Money

    The EPO does not know what the hell it’s doing; it’s more of that magical festival-like thinking, as if running a patent office is Eurovision



  4. Links 1/12/2020: KDE Plasma 5.20.4, GNU Octave 6.1, OpenZFS 2.0, and PinePhone KDE Community Edition

    Links for the day



  5. [Meme] Public Servants Who Only Serve Themselves and Their Predecessors (Who Gave Them the Job)

    The Benoît Battistelli-appointed António Campinos (an old friend of his) isn’t just covering up the EPO‘s financial scams but contributes to these; when will this house of cards (arse-covering) fall and will that take a special (independent) investigator?



  6. Censored EPO Publication: Battistelli Can Have His Multi-Billion Euro EPO Scam, So Why Can't Campinos Too?

    Mr. Campinos, seeing what Mr. Battistelli has managed to get away with (the Commission approves, having been infiltrated by friends of the ringleaders), piggybacks or follows the steps of his appointer by blasting almost a billion euros on a worthless project with no real purpose and the Central Staff Committee (CSC) warns it has "very high risk of mismanagement and fraud"



  7. Staff Representation of the EPO Explains to EPO Management That It's Breaking the Law, Robbing the Staff, and Lying to Staff

    Human rights, basic dignity and labour protections of EPO staff are routinely violated and the staff is also being robbed based on false pretenses; the staff representatives write to refute "[t]he Office’s report [which] has been made available on the Intranet"



  8. European Commission's Thierry Breton Covers Up EPO Corruption For His Friend Benoît Battistelli

    Thierry Breton is the sort of official who causes people to vote for Brexit (or similar exits from the EU); he’s enthusiastically defending EPO corruption and he also calls for constitutional violations in many member states — all in the name of patent maximalism (Team UPC’s coup attempt)



  9. IRC Proceedings: Monday, November 30, 2020

    IRC logs for Monday, November 30, 2020



  10. Links 30/11/2020: GhostBSD 20.11.28, Nitrux 1.3.5, Linux 5.10 RC6, GNOME Circle, Microsoft Collapses Again in Web Server Share

    Links for the day



  11. Alternatives to the World Wide Web, to HTML, to HTTP/S, and to the Internet

    Looking around the Web (yes, the Web) for alternatives to the Web (and the stack underneath the Web), we're finding that IPFS is mature and robust enough for our needs



  12. Management of the EPO Dragged to the International Labour Organisation Over Its Assault on the Right to Strike

    Opinion on strikes challenged by the Central Staff Committee of Europe's second-largest organisation; if strike rights are almost abolished there, what hope is there for the rest of Europe?



  13. [Meme] Management of the EPO Cannot Let the Staff Breathe or Smell Freedom

    Working for the EPO means giving up on one’s human rights; that’s the sort of conclusion many workers have reached



  14. “ViCo” is Nothing New (Not Even the Acronym), Done on 9/11 Last Year, Been Possible as Long as the EPO Has Existed

    Contrary to what many people are led to believe, the EPO isn't embracing innovation, it's just embracing COVID-19 and leveraging lock-downs (de facto house arrest to some) to impose an illegal practice on EPO staff and EPO stakeholders



  15. Release: Early Letters and Documents About Financial Hoax Disguised as EPO 'Study'

    It was over a year ago that staff representation at the EPO expressed concerns about what would later enrage workers — seeing that based on unscientific fabrications the EPO would take away what had been promised to them



  16. IRC Proceedings: Sunday, November 29, 2020

    IRC logs for Sunday, November 29, 2020



  17. Managing IP: Puff Pieces Galore for the EPO's Dictatorship (Complete With Buzzwords and PR Stunts)

    By giving a platform to notorious patent trolls and ‘engaging’ with the EPO‘s dictator (whom only 3% of EPO staff trusts) Managing IP is sort of giving away its real agenda, which isn’t journalism but conducting or assisting misinformation campaigns



  18. Links 29/11/2020: Genode OS Framework 20.11, Linux 5.11 Kernel Changes, and Latest in KDE Itinerary

    Links for the day



  19. Sincere Thoughts About Outreachy

    Outreachy's role in the Free software community and inclusion in the FSF's High Priority Projects, as seen from the eyes of a female coder from a minority group; she used to work for the Free Software Foundation (FSF) and she expresses concerns about what Outreachy has become



  20. Free Software Under Tyranny of Codes of Conduct as the Western Equivalent of Blasphemy Law (Corporations as the New Religion/Sponsors as Deities)

    The free speech crisis in Free software communities has enabled expulsion of opinionated people whose opinions truly matter; in their place we now have companies that bomb people, sometimes even kidnapping children and sterilising women because nothing says “Ethics” like naked fascism and corporate domination everywhere



  21. Release: 4 More Documents and Letters About the Financial Siege at Europe's Second-Largest Institution

    Documents disputing the accuracy of the "hoax" from António Campinos and the Mercers



  22. One Year Ago: The Last EPO Demonstration Before COVID-19

    About a year ago staff of the EPO apparently had its last protest (in front of the Isar building) before staff got ‘herded’ into homes, where workers became more isolated and even illegally spied on



  23. [Meme] Unified Patent Court Agreement (UPCA) is an Attack on Europe and the European Businesses That Don't Do Litigation

    Litigation lawyers and patent zealots want to set Europe ablaze with legislation that they themselves crafted; thankfully, however, they face constitutional obstacles, no matter how many politicians they bamboozle and buy



  24. Reasons EPO Staff Decided to Go on Strike This Year (Before or Until Coronavirus Prevented It)

    An year-old letter from the Staff Union of the European Patent Office (SUEPO) to the President of the EPO; 7 reasons for going on strike are enumerated



  25. EPO Can Save Money by “Dropping Events Like the Inventor of the Year, Reducing the Number of Managers, Throwing Less Money at Consultants or Bringing the Boards of Appeal Back into Office Buildings.”

    Constructive suggestions from EPO staff, made just over a year ago and assembled into a letter to their EPO colleagues



  26. The Real Fate of the UPC 'Stunt' in Germany Will be Known Next Month (or Next Year) and There Are Substantial Constitutional Barriers in the Way

    Contrary to what Team UPC wants people to think, UPC(A) isn’t a “done deal” in Germany; they never actually addressed the substance of complaints and with help from Benoît Battistelli‘s friends in the Commission they’re just attempting a blatant coup



  27. Microsoft Removes Free Software From GitHub Again, This Time for Motion Picture Association (MPA)

    GitHub is proving to be more of a censorship site than a code-sharing site; with the GitHub takeover Microsoft became a 'censorship police' or force of occupation against its ideological competition; just weeks after the YouTube-DL debacle and further take-downs seeking to 'protect' broken DRM schemes (by banning code) we can see that Microsoft isn't defending developers at all; it's just protecting the interests of MPA, RIAA and other Biden circles from the interests of the general population, which sometimes circumvents perfectly circumventable 'DRM' schemes



  28. IRC Proceedings: Saturday, November 28, 2020

    IRC logs for Saturday, November 28, 2020



  29. Help Make Techrights (and Other Technology-Centric Sites) More Robust to Censorship by Setting Up More IPFS Nodes

    We’re trying to improve the site’s availability (ensuring it can never be offline) and make it more censorship-resistant; people who adopt IPFS can make that happen while tackling the “bloated Web” and “centralised Internet” issues — all at the same time



  30. Microsoft Loves Linux and Android Apps Running on Windows Instead of GNU/Linux and Android Devices

    Microsoft loves Linux, they say; but as Microsoft's former VP James Allchin put it: "If you're going to kill someone there isn't much reason to get all worked up about it and angry -- you just pull the trigger [...] We need to smile at Novell while we pull the trigger."


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts