Feeds

BCS Linux-baiting sparks flame war

Dad's Army hit by sweary Marys

Security for virtualized datacentres

An article on open source security has sparked off a furious backlash in the normally polite and businesslike world of a British Computer Society journal.

Commentards have reacted furiously to a piece by Steve Smith, managing director of IT security consultancy Pentura, in the July Edition of ITNow. A lengthy first response by Luke Leighton takes the article apart paragraph by paragraph and contains a dozen expunged swearwords. The opening line of the 4,000 word rebuttal, for example, reads "the BCS is supposed to be a reputable organisation, yet this article - every paragraph - is complete [DELETED]."

The "censorship" of Luke's swearing provoked a fresh round of protests.

Meanwhile, other readers criticised the article as being a "disappointing and unnecessarily biased article, to the point of being misleading" and worse. Part of the problem is that the article was not properly distinguished from being either an analysis or an opinion piece.

If it was properly flagged as an opinion then perhaps some of the criticism about unsupported assertions might have been avoided, or at least reduced.

Commentards pulled few punches in laying into the article. Open source security is a contentious issue. In covering the subject I myself have been at the receiving end of adverse criticism, some well merited and some not, so I have some sympathy for the author.

Smith's apparent central premise - that neither closed or open source software are inherently superior from a security perspective - isn't by itself especially contentious or controversial. But the headline chosen "Can open source be secure?" sets the wrong tone and his argument contains little or no substantiation, leaving him wide open to criticism. Part of the article tips over and appears to suggest that closed source is more secure because the underlying source code is secret, a security by obscurity argument given short shrift by commentards. Several accused Smith of being either misinformed or hopelessly biased.

The BCS acknowledged the criticism in a post on the comments thread provoked by Smith's article.

The open source vs proprietary software debate is always a heated one. We have asked the author of the article to respond to the reader criticism.

BCS is absolutely against censorship, but as a professional organisation we have a responsibility to remove expletives, profanity and any comment which could potentially be construed as libellous from our site. The original comment has been replaced with all deletes highlighted; we apologise for any upset the initial editing may have caused.

The anonymous Reg reader who brought the criticism of the piece to our attention wonders why comment wasn't solicited from the BCS Open Source Specialist Group (OSSG), which would be able to supply a well-informed opinion on the subject.

Mark Elkins, chair of the OSSG confirmed it had not been contacted and expressed regret at this oversight. Elkins told The Register that his main regret was that BCS members might go away from the article in the mistaken belief it ought to be read as the professional organisation's considered view on the subject of open source security, instead of an opinion.

"The post at http://ossg.bcs.org makes it clear that the BCS Open Source SG (OSSG) were not contacted about the articles in ITNow," Elkins explained. "Whilst OSSG is run by its members ITNow is run by full-time BCS staff. As so many articles appeared at once - effectively creating a theme on OSS - I think there was an obligation to involve OSSG. Unfortunately that did not happen, which is a shame because OSSG cannot possibly validate what it is has no knowledge of.

"Having read the articles in ITNow it is not fully clear to me what status they have. For example are they meant to be opinions, mini-case studies that are intended to reflect the state-of-the-art, or whatever. The reader is given no guidance on this. A danger is that they might be seen as the BCS view or BCS advice on Open Source.

"If OSSG had been contacted then we would undoubtedly made changes to what appeared. For example one of our Committee members Andrew Katz is a qualified solicitor acknowledged to be an an expert on Free and Open Source Software (FOSS) whose input would have added clarity to legal and other issues."

We contacted Pentura on Monday to ask how Smith plans to respond to the article but are yet to hear back. So it's unclear whether Smith will respond to his critics or whether ITNow will address the subject by some other means, perhaps by inviting Elkins and other members of the BCS Open Source group to submit a better informed and researched article on the subject of open source security. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
Yes, Virginia, there IS a W3C HTML5 standard – as of now, that is
You asked for it! You begged for it! Then you gave up! And now it's HERE!
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.