Open source software is completely insecure and unsafe to use

Over the last few weeks I’ve heard a few people assert that open source is less secure than proprietary software. I try to arm my readers with as much intellectual firepower as possible and I wouldn’t be advocating open-source in Education unless it was fit for purpose.. So here you have it.. 3 Common misconceptions educators have about open-source debunked…

DEBUNKED – Everyone can see the code therefor it’s easier to exploit it.

All software has security holes. Open-source is more secure because people spot security holes early on and patch them. You can actually see what authentications are used and how badly/poorly they are written. Passwords in open source software have even more security because the methods used to access them are completely open so they are often encrypted/hashed which is more than can be said for Sony and some big Edu tech companies who’s name I won’t mention..

DEBUNKED – Anyone can add to the project therefor it’s easier to add exploits.

Projects have maintainers and many contributors, pull requests (requests to put code into the software) are publicly view-able and have to be merged by a maintainer IE a person of considerable experience/authority. Most pull requests on large projects are often checked by multiple people and tested using unit, integration and full stack tests PRIOR to merge into a final release. Open source projects also publish their patched exploits as security advisories, this gives sysadmins the ability to quickly respond to potential threats. Propriety software has no incentive to accept they had a security hole so tend to quietly patch security fixes in major updates.

DEBUNKED – Surely by default a house with an open door is less secure than a house with a door?

Open source projects have doors and windows just like any propriety software but the doors and locks are specifically designed to be secure by default. Open source projects tend to encourage active security testing and try to engage with the security community to co-operate on security vulnerabilities instead of shutting them out. This means the open source community is not as frequently targeted with malicious hacks, most of the successful hacks are reported to the site admin by the hacker themselves.

If you believed any of these misconceptions ask yourself why and who has lied to you?

C’mon people, OAuth is open source and we all use that every single day (Google, Twitter, Facebook etc.). The common miss-conception that open-source is less secure than proprietry software is just bonkers, we know better and it’s our job to spread the message!

Is it illegally anticompetitive for Google to give schools Google Apps for free?

Today a French court ruled that Google has broken the law by providing the Google Maps API for free. While this may seem like an extreme ruling it is based on the fact that Google used to offer the service for free then began charging once all of their competition had been beaten into submission. I wonder if Google are trying to do the same with schools and Google Apps?

Microsoft and Google have been caught out doing predatory pricing on quite a few occasions in the past. Essentially predatory pricing is where you provide a service for free then after a period of time (Usually once all of your competitors have been destroyed) you start charging for this service. Companies accomplish this “scam” by providing propriety software, propriety software is basically software that can only be provided by one company. I am constantly warning the schools of the risks of investing in propriety standards and I’m sure that nearly all of my readers are tired of me beating on this drum… In this case I think the court actually got it wrong.

Google Docs doesn’t thwart our ability to develop PrimaryPad, PrimaryBlogger or SchoolEmail further, it’s obviously that Google Docs does affect our bottom line but we develop PrimaryPad because we believe in our products and in we know that our contributions towards Etherpad and an open standard for collaborative writing on the web will ultimately be the winner of the war. Remember folks.. Good customer service and open standards always win.

What a difference a door makes…

Yet another burglary last night in a Bradford Primary School. Yet again the thiefs target is the technology. PrimaryT is the maintainer and provider of this technology so it is somewhat concerning that the schools ICT budget will be spending more of their budget on insurance premiums next year instead of new kid for the kids to use.. But wait.. Not at this school because a recently installed security door thwarted the thieves..

In my opinion you can’t get much lower than stealing from resources primary school kids use to learn with.   I realize that anyone reading this is  already in that school of thought.  I guess I’m completely biased though and blind to the other social subtleties at play in the surrounding area.

The school is going to need to replace some parts of that door though if not the whole thing.. It’s not all bad news at least as the kids can still continue to learn with technology :)