FCC claims open source software lacks security

FCC claims open source software lacks security · 07-07-2007, 05:41 PM

A new federal rule set to take effect today could mean that radios built on "open-source elements" may encounter a more sluggish path to market--or, in the worst case scenario, be shut out altogether. U.S. regulators, it seems, believe the inherently public nature of open-source code makes it more vulnerable to hackers, leaving "a high burden to demonstrate that it is sufficiently secure."

By effectively siding with what is known in cryptography circles as "security through obscurity," the controversial idea that keeping security methods secret makes them more impenetrable, the FCC has drawn an outcry from the software radio set and raised eyebrows among some security experts.

"There is no reason why regulators should discourage open-source approaches that may in the end be more secure, cheaper, more interoperable, easier to standardize, and easier to certify," Bernard Eydt, chairman of the security committee for a global industry association called the SDR (software-defined radio) Forum, said in an e-mail interview this week.

The Forum, which represents research institutions and companies such as Motorola, AT&T Labs, Northrup Grumman and Virginia Tech, urged the FCC to back away from that stance in a formal petition (PDF) this week.

There's also no clear evidence that the number of vulnerabilities in open-source software differs dramatically from that of proprietary software, said Alan Paller, director of research for the SANS Institute, which provides computer security training. (Some earlier studies have found that the generally more intensive scrutiny of open-source code can help keep its quality higher and vulnerabilities lower.)

The term software-defined radio hasn't exactly made it into public consciousness yet, but the technology has been gaining traction in military and public safety spheres. Perhaps the highest-profile example is the Pentagon's Joint Tactical Radio System project, which is designed to give soldiers in the field the ability to shuttle voice, data and video across multiple networks.

Source: CNET News

07-07-2007, 05:41 PM	#1
FCC claims open source software lacks security Faisal PK Addict Join Date: Jun 2007 Location: Rawalpindi Posts: 1,024 Faisal 07-07-2007, 05:41 PM Rating: () A new federal rule set to take effect today could mean that radios built on "open-source elements" may encounter a more sluggish path to market--or, in the worst case scenario, be shut out altogether. U.S. regulators, it seems, believe the inherently public nature of open-source code makes it more vulnerable to hackers, leaving "a high burden to demonstrate that it is sufficiently secure." By effectively siding with what is known in cryptography circles as "security through obscurity," the controversial idea that keeping security methods secret makes them more impenetrable, the FCC has drawn an outcry from the software radio set and raised eyebrows among some security experts. "There is no reason why regulators should discourage open-source approaches that may in the end be more secure, cheaper, more interoperable, easier to standardize, and easier to certify," Bernard Eydt, chairman of the security committee for a global industry association called the SDR (software-defined radio) Forum, said in an e-mail interview this week. The Forum, which represents research institutions and companies such as Motorola, AT&T Labs, Northrup Grumman and Virginia Tech, urged the FCC to back away from that stance in a formal petition (PDF) this week. There's also no clear evidence that the number of vulnerabilities in open-source software differs dramatically from that of proprietary software, said Alan Paller, director of research for the SANS Institute, which provides computer security training. (Some earlier studies have found that the generally more intensive scrutiny of open-source code can help keep its quality higher and vulnerabilities lower.) The term software-defined radio hasn't exactly made it into public consciousness yet, but the technology has been gaining traction in military and public safety spheres. Perhaps the highest-profile example is the Pentagon's Joint Tactical Radio System project, which is designed to give soldiers in the field the ability to shuttle voice, data and video across multiple networks. Source: CNET News __________________ GOD Bless the Internet !
Views: 111