Feeds

BCS Linux-baiting sparks flame war

Dad's Army hit by sweary Marys

Internet Security Threat Report 2014

An article on open source security has sparked off a furious backlash in the normally polite and businesslike world of a British Computer Society journal.

Commentards have reacted furiously to a piece by Steve Smith, managing director of IT security consultancy Pentura, in the July Edition of ITNow. A lengthy first response by Luke Leighton takes the article apart paragraph by paragraph and contains a dozen expunged swearwords. The opening line of the 4,000 word rebuttal, for example, reads "the BCS is supposed to be a reputable organisation, yet this article - every paragraph - is complete [DELETED]."

The "censorship" of Luke's swearing provoked a fresh round of protests.

Meanwhile, other readers criticised the article as being a "disappointing and unnecessarily biased article, to the point of being misleading" and worse. Part of the problem is that the article was not properly distinguished from being either an analysis or an opinion piece.

If it was properly flagged as an opinion then perhaps some of the criticism about unsupported assertions might have been avoided, or at least reduced.

Commentards pulled few punches in laying into the article. Open source security is a contentious issue. In covering the subject I myself have been at the receiving end of adverse criticism, some well merited and some not, so I have some sympathy for the author.

Smith's apparent central premise - that neither closed or open source software are inherently superior from a security perspective - isn't by itself especially contentious or controversial. But the headline chosen "Can open source be secure?" sets the wrong tone and his argument contains little or no substantiation, leaving him wide open to criticism. Part of the article tips over and appears to suggest that closed source is more secure because the underlying source code is secret, a security by obscurity argument given short shrift by commentards. Several accused Smith of being either misinformed or hopelessly biased.

The BCS acknowledged the criticism in a post on the comments thread provoked by Smith's article.

The open source vs proprietary software debate is always a heated one. We have asked the author of the article to respond to the reader criticism.

BCS is absolutely against censorship, but as a professional organisation we have a responsibility to remove expletives, profanity and any comment which could potentially be construed as libellous from our site. The original comment has been replaced with all deletes highlighted; we apologise for any upset the initial editing may have caused.

The anonymous Reg reader who brought the criticism of the piece to our attention wonders why comment wasn't solicited from the BCS Open Source Specialist Group (OSSG), which would be able to supply a well-informed opinion on the subject.

Mark Elkins, chair of the OSSG confirmed it had not been contacted and expressed regret at this oversight. Elkins told The Register that his main regret was that BCS members might go away from the article in the mistaken belief it ought to be read as the professional organisation's considered view on the subject of open source security, instead of an opinion.

"The post at http://ossg.bcs.org makes it clear that the BCS Open Source SG (OSSG) were not contacted about the articles in ITNow," Elkins explained. "Whilst OSSG is run by its members ITNow is run by full-time BCS staff. As so many articles appeared at once - effectively creating a theme on OSS - I think there was an obligation to involve OSSG. Unfortunately that did not happen, which is a shame because OSSG cannot possibly validate what it is has no knowledge of.

"Having read the articles in ITNow it is not fully clear to me what status they have. For example are they meant to be opinions, mini-case studies that are intended to reflect the state-of-the-art, or whatever. The reader is given no guidance on this. A danger is that they might be seen as the BCS view or BCS advice on Open Source.

"If OSSG had been contacted then we would undoubtedly made changes to what appeared. For example one of our Committee members Andrew Katz is a qualified solicitor acknowledged to be an an expert on Free and Open Source Software (FOSS) whose input would have added clarity to legal and other issues."

We contacted Pentura on Monday to ask how Smith plans to respond to the article but are yet to hear back. So it's unclear whether Smith will respond to his critics or whether ITNow will address the subject by some other means, perhaps by inviting Elkins and other members of the BCS Open Source group to submit a better informed and researched article on the subject of open source security. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Redmond top man Satya Nadella: 'Microsoft LOVES Linux'
Open-source 'love' fairly runneth over at cloud event
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.