Bonum Certa Men Certa

British Computer Society (BCS) Distances Itself From Controversial Article Belittling Free/Libre Software Security

Escape key



Summary: BCS escapes bad publicity by clarifying that an article it (re)posted does not represent its views; Katherine Noyes explains what makes GNU/Linux particularly secure

LAST WEEK we responded to FUD from the British Computer Society (BCS) Web site. David Evans from BCS replied to our post and politely explained the situation. It turns out that many other sites -- not just Techrights -- were upset by the article which BCS had published. The article basically claimed that Free/open source software is fundamentally less secure than non-Free software. This whole thing started a "flame war" and The Register (UK) explains how so:



BCS Linux-baiting sparks flame war



[...]

Meanwhile, other readers criticised the article as being a "disappointing and unnecessarily biased article, to the point of being misleading" and worse. Part of the problem is that the article was not properly distinguished from being either an analysis or an opinion piece.

[...]

Mark Elkins, chair of the OSSG confirmed it had not been contacted and expressed regret at this oversight. Elkins told The Register that his main regret was that BCS members might go away from the article in the mistaken belief it ought to be read as the professional organisation's considered view on the subject of open source security, instead of an opinion.


There are complaints there about the BCS deleting opinions. If true, that's truly shameful.

Speaking of Free software and GNU/Linux security, Katherine Noyes began writing some nice articles for IDG rather than ECT. One of her very latest is an article titled "Why Linux Is More Secure Than Windows" (this extends to Free software in general). One line of argument goes like this:

"Linus' Law"--named for Linus Torvalds, the creator of Linux--holds that, "given enough eyeballs, all bugs are shallow." What that means is that the larger the group of developers and testers working on a set of code, the more likely any flaws will be caught and fixed quickly. This, in other words, is essentially the polar opposite of the "security through obscurity" argument.

With Windows, it's a limited set of paid developers who are trying to find problems in the code. They adhere to their own set timetables, and they don't generally tell anyone about the problems until they've already created a solution, leaving the door open to exploits until that happens. Not a very comforting thought for the businesses that depend on that technology.

In the Linux world, on the other hand, countless users can see the code at any time, making it more likely that someone will find a flaw sooner rather than later. Not only that, but users can even fix problems themselves. Microsoft may tout its large team of paid developers, but it's unlikely that team can compare with a global base of Linux user-developers around the globe. Security can only benefit through all those extra "eyeballs."


Visibility does make code more secure. To suggest otherwise is to assume that obfuscation trumps peer review. The BCS ought to understand the importance of peer review, as well as having research be published along with open data for replication/verification by independent parties. GNU/Linux development follows the scientific paradigm, which usually makes it more fault tolerant.

Recent Techrights' Posts

Mass Layoffs at IBM Today, Just Like Prominent Rumours Said Upfront
past couple of hours
IBM is Acting No Better Than Patent Trolls, Preying on Smaller Companies by Suing Them With Software Patents
No Red Hat employee should tolerate this aggression by the employer
Something Has Gone Very Wrong at iTWire
"iTWire has descended into marketing spam"
 
The Linux Foundation is Associating Linux With Scams and With Scam Sites Right Now (Like the Wife of Jim Zemlin Did)
they profit from the sellouts
Google's YouTube Already Blocking People Who Block Ads
YouTube feels like it's dying
Links 17/09/2024: More on Microsoft Cuts and XBox Backward Compatibility Issues
Links for the day
The Hallmark of a Dying Company Running Low on Money (But Still Trying to Hide That)
Microsoft should look into selling red markers
UEFI 'Secure' Boot Has Put Security at Risk, Suggests New Report
We're vindicated once again
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 16, 2024
IRC logs for Monday, September 16, 2024
Links 17/09/2024: China Sanctions and Breadth of Latest Microsoft Layoffs Elaborated Upon
Links for the day
Gemini Links 17/09/2024: Small Improvements in Carbon Capture and Pseudo-Productivity In Java
Links for the day
'Open'AI Looks Like a Company Headed Towards Bankruptcy, Not IPO, Losses Grew Almost Tenfold in a Year (Yes, it's Just a Bubble Facilitated by Artificial Hype)
This isn't going to end well, especially not for Microsoft
Apple is Canceling Products, Services, Even Lays Off Staff in Large Numbers Every Few Months
Apple cancelling some more things
Later on Elon Musk Wonders Why Large Nations Block His Pet 'Social Control Media' (Incitement/Radicalisation) Platform...
This isn't a question of "censorship" because there's a call to kill
Microsoft: Layoffs Are Growth
Orwell would have loved this newspeak
Links 16/09/2024: Verizon Layoffs, 'Tram Driver Olympics', and Anniversary of Mahsa Amini's Death
Links for the day
Gemini Links 16/09/2024: ROOPHLOCH and MyGemini.Space
Links for the day
Invidious Instances Explain What Google/YouTube (Alphabet/Pentagon) Did To Them This Past Week
They're unambiguous about this
Dr. Richard M. Stallman (RMS) on How to Make People Care About Free Software and Why Prohibiting Proprietary Software Would Not Work
"maybe a similar general approach could work with non-Free software as a way of discouraging it from being a successful business."
Please Quit Uploading Event Talks (Especially of Free Software) to YouTube
This is enshittification
Links 16/09/2024: Shrinking Economy, Climate Issues, Soaring Energy Costs
Links for the day
'Former' Microsofter Jason Perlow Left Linux Foundation
The "communication" people from the Linux Foundation are basically scammers
MyGem Launched to Make Adoption of Gemini Protocol (With Gemini Hosting) a Lot Easier
a new week and also a new capsule
Disregard for History is Disregard for (Computer) Science
They're killing the real entrepreneurs and innovators
Dr. Richard M. Stallman (RMS) on His Hobbies and Health
Answering a question from the audience in Germany
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 15, 2024
IRC logs for Sunday, September 15, 2024
Gemini Links 16/09/2024: billsmugs.com Becomes rainywhile.net, Zaurus on Internet
Links for the day
[Meme] Wrong Priorities at Universities
Because what matters isn't expertise
Science and Academia Under Attack, Imposters Inheriting or Aggressively Seizing the Top Roles
Academia has turned into a bad place
Microsoft and the Sunk Cost Fallacy
"Microsoft aims for the sunk cost fallacy"
Turning Away Unwanted and/or Predatory Bots
If no human will ever read it, what's the point serving?
Links 15/09/2024: Complicated Music Licensing Schemes and Dangers of Sleep Deprivation
Links for the day
Links 15/09/2024: Sci-fi London 2024 and Outsourcing to Proton Mail
Links for the day
Links 15/09/2024: French Teachers Quit in Droves, Why 'eSports' are Not Sports
Links for the day
[Meme] Red Hat Staff Must Learn IBM's Dark History (IBM Still Boosts Donald Trump, So No Lessons Learned)
This isn't a subject for humour
Don't Fall for Reputation Laundering and Whitewashing
Remember history, don't pay attention to PR and charm offensives
[Meme] Microsoft as a Joke That Writes Itself
"Microsoft confesses its recent security updates…broke Windows 10 security patches"
GNU Turns 41 in Just 12 Days
Can truth and science be resuscitated, please?
[Meme] Large Language Models (LLMs) Destroy the Web With an Ocean of Disinformation and Misinformation, Falsely Promoted as "Intelligence" by Microsoft et al
"Microsoft bribes the media to say 'Microsoft loves Linux'"
Dr. Richard M. Stallman (RMS) Asks People to Stop Calling Large Language Models (LLMs) "Artificial Intelligence" (AI)
"I think that the first step is stop calling them AI"
Even Microsoft Boosters Think XBox is Doomed
"Reports Say Morale At Xbox Is “Very Low”"... a Microsoft booster cited by them
Dr. Richard M. Stallman (RMS): "There are still people who make it their business to try to stop me from getting invited to speak, and it's a slow process working back from that"
From the talk he gave last month
Very Few Invidious Instances Still Work (for Video Playback)
Google has sabotaged Invidious
Sites Writing Fake News About Linux Using LLMs (Microsoft Hype That Promotes Misinformation)
RMS recently called these "bullshit machines"
Gemini Links 15/09/2024: MINIbase and Pocket Reform Experience
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 14, 2024
IRC logs for Saturday, September 14, 2024