Zombie Cow quoted an interesting letter to the editor which posited the following: >Imagine a Chinese agent working at Microsoft. How difficult do you think it would be to insert a little "backdoor" into a Windows .dll >file or somewhere else? With the Government jumping into NT left and right, a secret backdoor or even an "easter egg" that shuts >the system down on command could cripple our entire defense network, law enforcement and just about anything else. There's plenty the national security apparatus has to fear from proprietary software -- and they know it. Problem is, the ones who realize what's going on can't change the situation. Consider a visit I made to the US Air Force Information Warfare Center in San Antonio last year. I asked officers there what they thought of the growing trend towards commercial, off-the-shelf software in the government. They told me it worried them plenty. In the old days, of course, men and women in uniform often had easy access to source code along with considerable control over development itself -- that was part of the deal in the high-priced days of the mainframe and minicomputer. Nowadays, of course, $600 toilet seats and custom-written code alike are gone, and with them, control over the final product. Forget Chinese spies in the US, the Air Force folks said. What really keeps them up at night is software development that goes on in countries that couldn't care less about American interests. I then asked them what they thought of open source software as a path to greater security. "Sounds great," one commanding officer told me. Of course, he conceded, the bean counters in Washington would sooner spend money on some "standard" stuff before they let coders actually secure their systems. Will Rodger Technology Editor USA Today.com
