BCS Linux-baiting sparks flame war

Dad's Army hit by sweary Marys

An article on open source security has sparked off a furious backlash in the normally polite and businesslike world of a British Computer Society journal.

Commentards have reacted furiously to a piece by Steve Smith, managing director of IT security consultancy Pentura, in the July edition of ITNow. A lengthy first response by Luke Leighton takes the article apart paragraph by paragraph and contains a dozen expunged swearwords. The opening line of the 4,000-word rebuttal, for example, reads "the BCS is supposed to be a reputable organisation, yet this article - every paragraph - is complete [DELETED]."

The "censorship" of Luke's swearing provoked a fresh round of protests.

Meanwhile, other readers criticised the article as being a "disappointing and unnecessarily biased article, to the point of being misleading" and worse. Part of the problem is that the article was not clearly labelled as either an analysis or an opinion piece.

Had it been properly flagged as an opinion, then perhaps some of the criticism about unsupported assertions might have been avoided, or at least reduced.

Commentards pulled few punches in laying into the article. Open source security is a contentious issue. In covering the subject I myself have been at the receiving end of adverse criticism, some well merited and some not, so I have some sympathy for the author.

Smith's apparent central premise - that neither closed nor open source software is inherently superior from a security perspective - isn't by itself especially contentious or controversial. But the headline chosen, "Can open source be secure?", sets the wrong tone, and his argument contains little or no substantiation, leaving him wide open to criticism. Part of the article tips over and appears to suggest that closed source is more secure because the underlying source code is secret, a security-by-obscurity argument given short shrift by commentards. Several accused Smith of being either misinformed or hopelessly biased.

The BCS acknowledged the criticism in a post on the comments thread provoked by Smith's article.

The open source vs proprietary software debate is always a heated one. We have asked the author of the article to respond to the reader criticism.

BCS is absolutely against censorship, but as a professional organisation we have a responsibility to remove expletives, profanity and any comment which could potentially be construed as libellous from our site. The original comment has been replaced with all deletes highlighted; we apologise for any upset the initial editing may have caused.

The anonymous Reg reader who brought the criticism of the piece to our attention wonders why comment wasn't solicited from the BCS Open Source Specialist Group (OSSG), which would be able to supply a well-informed opinion on the subject.

Mark Elkins, chair of the OSSG, confirmed it had not been contacted and expressed regret at this oversight. Elkins told The Register that his main regret was that BCS members might go away from the article in the mistaken belief it ought to be read as the professional organisation's considered view on the subject of open source security, instead of an opinion.

"The post at http://ossg.bcs.org makes it clear that the BCS Open Source SG (OSSG) were not contacted about the articles in ITNow," Elkins explained. "Whilst OSSG is run by its members, ITNow is run by full-time BCS staff. As so many articles appeared at once - effectively creating a theme on OSS - I think there was an obligation to involve OSSG. Unfortunately that did not happen, which is a shame because OSSG cannot possibly validate what it has no knowledge of.

"Having read the articles in ITNow it is not fully clear to me what status they have. For example are they meant to be opinions, mini-case studies that are intended to reflect the state-of-the-art, or whatever. The reader is given no guidance on this. A danger is that they might be seen as the BCS view or BCS advice on Open Source.

"If OSSG had been contacted then we would undoubtedly have made changes to what appeared. For example, one of our Committee members, Andrew Katz, is a qualified solicitor acknowledged to be an expert on Free and Open Source Software (FOSS) whose input would have added clarity to legal and other issues."

We contacted Pentura on Monday to ask how Smith plans to respond to the article but are yet to hear back. So it's unclear whether Smith will respond to his critics or whether ITNow will address the subject by some other means, perhaps by inviting Elkins and other members of the BCS Open Source group to submit a better informed and researched article on the subject of open source security. ®
