June 11, 2002
Blatantly wrong open-source defamation

Of late, Microsoft and others have taken to using september 11 as a marketing device. The tactic is invariably the same is in a recent report of dubitable independence, namely the claim that open source software is less secure
simply because of the source availability. This claim is of course blatantly wrong. The evidence that security by obscurity i.e. that lack of publicly available information about a security flaw, protects agains exploitation has been discredited so many times that it is hard to find room to mention them all. The innumerable flaws in IIS and Internet Explorer, the deCSS story, the PDF/Dimitri Sklyarov story. The Enigma machine is an early story.

So we can only repeat once again that open discussion about security is the best means of security there is.

Posted by Claus at June 11, 2002 02:11 PM