IMMUNIZING THE INTERNET, OR: HOW I LEARNED TO STOP WORRYING AND LOVE THE WORM

A great article in the Harvard Law Review just got slashdotted. It argues that hackers, worms and viruses are actually good for network security. I'm a very strong believer in this, and have been for a long time. When we first released Java in 1995, we made all of the sources available on the net. Most people just downloaded the binaries and used them, but a lot of folks downloaded the sources, and many of them spent many hours trying to figure out how to break the security of the system. And several people did: they would publish their attacks, and we'd fix them. The end result is an extraordinarily strong system. Many people in the software industry are nervous about such policies because they fear that it will give nasty folks an unfair advantage. They somehow believe that "security by obscurity" is a valid technique. I have always believed, and experience has shown, that the reverse is true: there are many more good smart people than evil smart people, and good smart people let us know about any flaws they discover, so we get things fixed quickly.
Comments:

uu

Posted by guest on June 29, 2006 at 01:07 AM PDT #

If everyone played nice and submitted to the authors every problem they find it would indeed strengthen the software. Problem is most people who are looking for holes aren't going to submit those holes to you, instead exploiting them to your discredit and the loss of your users.

Posted by Jeroen Wenting on June 29, 2006 at 04:39 PM PDT #

Even if u expose your code public, we can't expect people to come in and look into code. Since programming language like Java is used in wider audience we have this benefit. I think a sense of hacking has to be created in school/college levels. - sree

Posted by gnuyoga on June 29, 2006 at 08:51 PM PDT #

what

Posted by youngvonlee on June 29, 2006 at 11:49 PM PDT #

Post a Comment:
Comments are closed for this entry.
About

jag

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today