[Talk] Media Release: OPEN SOURCE USERS UNAFFECTED BY SASSER WORM - THE INTERNET KEEPS GOING DESPITE FLAWED PROPRIETARY SOFTWARE
David Purdue
david.purdue at auug.org.au
Mon May 10 14:44:38 EST 2004
Just to play devil's advocate...
Con Zymaris wrote:
>
> The first worm, by Robert Morris Junior, son of a senior NSA computer
> security expert and Unix pioneer, occurred in 1988. Even though it was
> not malicious and accidentally escaped from a lab, it brought the
> Internet to its knees for a few days. It directly caused the creation of
> a number of agencies, primarily CERT - Computer Emergency and Response
> Team. What the Morris Worm did clearly demonstrate is that there are
> substantial advantages for any organisation in using operating systems,
> middleware and applications from more than one codebase. Organisations
> who had a variety of platforms were able to keep part of their
> computing infrastructure going.
This release fails to mention that the Morris Worm propagated by
exploiting weaknesses in Sendmail, an open source program.
So it could also be said that what the Morris Worm did is clearly
demonstrate that software being open source does not imply that it is
immune to virus/worm attack.
If the real lesson is that I should source my applications from multiple
code bases, what is the alternate codebase for something that does the
same job as Apache?
;-)
DavidP
More information about the Talk
mailing list