Is Open Source Alone Enough?

IT likes to believe that it is a logical industry where all decisions (or at least the majority of them) are based on fact rather than fashion. Alas, this is not always so and being “in vogue” is often a subliminal driver behind certain of the technology waves that regularly sweep through the industry. The surge of “Open Source” solutions has, on occasion, exploited this unconscious desire to conform to the desire to be trendy, and not without other, more logical reasoning. However, not everything in the world of open source, as in the more traditional software sector, is perfect.

Just take a look at the BIND (Berkeley Internet Name Domain) Domain Name System, perhaps the most commonly deployed DNS in use today on Unix and Linux systems. Last November, John McCormick of TechRepublic published information based on SANS and the FBI data that identified, yet again, BIND as the most dangerous Linux/UNIX flaw. The reason why this should be so is very simple, most Linux/UNIX versions ship with BIND with the result that there are a huge number of machines running quite happily in the world using old, badly configured versions of BIND.

Read Full Story