On Sun, 2002-07-07 at 15:36, Tzafrir Cohen wrote: > I was invited to a hearing, which will take place next Sunday > (14-7-2002) in the Science committee of the Knesset, regarding "Open > Source Systems in the Israeli Government".
Taking into account that the minister of defense has announced in reply to a Knesset query that the IDF based most of its critical operation information systems on open source technology due to it's saftey (as published on Ynet last week) I think the discussion is... just in time :-) > Al ze ne'emar: Yemot Hamashiach. Indeed. > > I will be extremely thankful if you could direct me to any scientific or > non-biased research and news regarding the following issues: > > The adoption of Open Source Systems in other western countries. The following is a copy of a reply of a Peruvian Congress member to a local Microsoft represetnative campaign regarding these issue in Peru. While Peru may not be a "western" country (whatever this term means), the clear and cool voice in which Dr. Nunez presents his case and the striking logical arguments used make this a true masterpiece worth to mention: http://www.pimientolinux.com/peru2ms/villanueva_to_ms.html The following paper from David Miller is also full of good numbers (with sources!) : http://www.dwheeler.com/oss_fs_why.html Another approach worth noting is to make the point that propritery software means that a big chunk of the money paied to build/maintain the IT system goes out of the country to the mostly foreign bodies that own it while only a very small percentage actually stays in Israel (only the small part that goes to the highly paid developers in the R&D facilities that these foreign bodies keep here) whereas with open source software, since any local talent has just as good a footing as the foriegn players because of the availability of source code, this doesn't have to be like this at all - almost all of the money can stay here. So money spent on closed source programs, for the most parts is money that deplates Israel hard cash reserves whereas money spent on open Source programs is money invested inside Israel own economy. Which do they prefer? > The qualities of Open Source Systems as far as data security > is concerned. The clearest by far to non hackers way to explain this is the following: You have two banks. One says: "I keep the plans to my safe secret. This way no one knows how they work and so can't get into the safe and still your property". The second one says: "Here are the plans to my safes, including the blueprints, they are publishe don my web page. I'm giving them to you because they are designed in such a way that even if you know how they work you can't get in without the key". Which bank will you put your life savings in? (not to mention the secret launch codes for the Israel non existant nueclear missiles... :-) You can take the plans of the safes of the second bank to a safe expert and then another and then another and if they all say that the safe is indeed safe you know you can put your money there and no one will be able to break the safe. Maybe someone will pay the guards to open it but you have the sam eproblem regardless of the safes, right Now what happens with the second bank? you have no idea whether these safes are good or not. What you trust is that no one ever gets the plans to them so no one will ever know. But, where are those plans kept? maybe in the same kind of safe? what if the safe is easily broken after all? what if the person who made the safe kept a secret copy? what if the person who made the safe kept a secret extra key to the safe??? In short, your only insurance (except of what the bank says, which is moot) is that no one will find the plans of even come up woith a way to opne the safe without the plans. You dont know how good are the safes, you don't have the plans and if you did you can;t go out ad show it to the experts. Software is just like these safes - closed source software is supposdly secure so long as no one gets the source or finds a way to break inside without it. Open Source software is built in such a way that even if you have the source it wont do you any good - it's safe not because of the secrecy of the code (which can be violated) but because of the inherit design and you can make sure this is so by showing this design and implmentation to every and all expert in the world to verify this. And in recent years you don't even have to - because it is most likely that some of the best experts in the world actually wrote software in question to begin with. > > Your assistance is highly appreciated. It is for a good cause, you > surely understand. Many thanks in advance. I would be very much happy to supply additional help to promote this important subject. Gilad. -- Gilad Ben-Yossef <[EMAIL PROTECTED]> Code mangler, senior coffee drinker and VP SIGSEGV Qlusters ltd. "You got an EMP device in the server room? That is so cool." -- from a hackers-il thread on paranoia ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
