if ( document.comments_form.url ) {
 document.comments_form.url.value = getCookie("mtcmthome");
}

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Otaku, Cedric's weblog: August 2007 Archives</title>

<link rel="stylesheet" href="http://beust.com/weblog/styles-site.css" type="text/css" />
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://beust.com/weblog/index.rdf" />
<link rel="start" href="http://beust.com/weblog/" title="Home" />
<link rel="prev" href="http://beust.com/weblog/archives/2007_07.html" title="July 2007" />

<link rel="next" href="http://beust.com/weblog/archives/2007_09.html" title="September 2007" />


<script language="javascript" type="text/javascript">
function OpenComments (c) {
    window.open(c,
                    'comments',
                    'width=480,height=480,scrollbars=yes,status=yes');
}

function OpenTrackback (c) {
    window.open(c,
                    'trackback',
                    'width=480,height=480,scrollbars=yes,status=yes');
}
</script>

</head>

<body>	

<div id="banner">
<h1><a href="http://beust.com/weblog/" accesskey="1">Otaku, Cedric's weblog</a></h1>
<span class="description">Thoughts on Java, programming languages and software development in general.</span>
</div>

<div id="container">

<div class="blog">

<div id="menu">
<a href="http://beust.com/weblog/archives/2007_07.html">&laquo; July 2007</a> |

<a href="http://beust.com/weblog/">Main</a>
| <a href="http://beust.com/weblog/archives/2007_09.html">September 2007 &raquo;</a>

</div>

</div>

<div class="blog">


<h2 class="date">August 27, 2007</h2>


<div class="blogbody">
<a name="000458"></a>
<h3 class="title">Opening your source doesn't make your software more secure</h3>

<p>

In an <a href="http://www.microsoft.com/windowsserver/compare/compare_linux.mspx">article comparing Windows to Red Hat</a>, Microsoft recently used the following quote from former chair of the Apache security team Ben Laurie:

<blockquote>
Although it’s still often used as an argument, it seems quite clear to me that the “many eyes” argument, when applied to security, is not true.
</blockquote>

Ben responded by clarifying what he meant <a href="http://www.links.org/?p=249">in this post</a> and while it appears that the quote has indeed been taken out of context, the overall idea that open source automatically produces software that's more secure is a fallacy that's been empirically demonstrated by now.
<p>

Software becomes secure for a bunch of reasons:
<ul>
<li>
It was designed from the ground up with security in mind.
</li>
<li>
It was implemented from the ground up with security in mind.
</li>
<li>
It was implemented by good developers.
</li>
<li>
These developers are security experts.
</li>
<li>
These developers reviewed each other's code before checking it in.
</li>
<li>
A lot of money was spent on testing and QA.
</li>
<li>
The software was extensively beta-tested.
</li>
</ul>

Actually, I think that the main reason why a piece of software becomes secure is:

<ul>
<li>
The software has been running for years and has received (and keeps receiving) numerous fixes and patches.
</li>
</ul>

I'm not even putting <em>"The software is open source"</em> in this list, because to be honest, I'm not convinced that the open source factor wins against obscurity in terms of security.  When a vulnerability is open source and that its subsequent fix is open sourced as well, you make it very easy for average hackers to take advantage of it right away.  And I think the main problem <b>is</b> average hackers, not very good ones (who will access the source of the program anyway, whether it was open source or not).

<p>

I'm also a bit skeptical that code reviews catch that many fundamental programming (and security) mistakes.  When a check-in exceeds even ten files, it's extremely hard to understand how the change will impact the rest of the huge code base that is already in place.  It might be easy to spot obvious mistakes in languages like C or C++, where overrun buffers and other attacks can be identified within a few lines of code, but in other higher level languages, you really need to understand the big picture, and past a certain size, only automated size or excessive usage of this code will actually reveal these bugs.

<p>

The simple fact is that users that download open source software will probably never look at the source.  Even I, as a developer, just don't bother any more.  And if I can choose between downloading software in source or binary form, I will always pick the latter and trust that the company releasing it (or the Internet community) will have done the security audit for me.

<p>

The quote by Microsoft is certainly taken out of context to serve their purposes, but I think that a lot of security experts will agree with it.

<p>





<div class="posted">
	Posted by cedric at <a href="http://beust.com/weblog/archives/000458.html">10:07 AM</a>
		| <a href="http://beust.com/weblog/mt-cedricqwerty.cgi?entry_id=458" onclick="OpenComments(this.href); return false">Comments (11)</a>
	
	
</div>

</div>



<h2 class="date">August 08, 2007</h2>


<div class="blogbody">
<a name="000457"></a>
<h3 class="title">A fond farewell to Harry Potter</h3>

<p align="center">
<img src="http://beust.com/pics/hp1.jpg" width="75" height="125" >
<img src="http://beust.com/pics/hp2.jpg" width="75" height="125" >
<img src="http://beust.com/pics/hp3.jpg" width="75" height="125" >
<img src="http://beust.com/pics/hp4.gif" width="75" height="125">
<img src="http://beust.com/pics/hp5.jpg" width="75" height="125">
<img src="http://beust.com/pics/hp6.jpg" width="75" height="125">
<img src="http://beust.com/pics/hp7.jpg" width="75" height="125">
</p>

<em>Note: this post contains absolutely no spoilers on any of the seven Harry Potter books.</em>
<p>
I just turned the last page of "Harry Potter and the Deathly Hallows" and I have to say that  this was probably one of the most enjoyable books I've read in years.
<p>
It's not a compliment I give lightly, and unfortunately, most of the books that I read are very easily forgettable, but the Harry Potter series has managed to keep my interest up ever since the first one came out.
<p>
I remember noticing a friend reading it shortly after it came out.  I had never heard of Harry Potter before and a quick glance at the back cover prompted me to ask the question that tens of thousands of people have asked these past years about Harry Potter:  "Isn't this a child's book?".
<p>
Not that there is anything wrong with reading child's books.  As a matter of fact, just a few years ago, I made a point of reading up on some classical children stories (such as the Chronicles of Narnia) in order to catch up on this aspect of the American culture I didn't grow up with.  My interest was therefore piqued about Harry Potter, and when my friend observed casually that "Yes, but there's something about the way this is written that makes it really gripping", I quickly bought the book and started a long journey in the depths of the wizarding world.
<p>
In hindsight, there are two points that I absolutely adored about the series, and particularly that last book:
<ul>
<li>It's a complex plot even though it's written from Harry's perspective pretty much all the time.
  <p>
  I tend to like books with elaborate plots, twists and big arcs that form a complex story.  These books usually unfold their plot by switching points of views, places, people and sometimes even points in time.  These artefacts are necessary to set up the background for your readers and, to some extent, to confuse them a bit.  It's a bit like prestidigitation and sleight of hand:  you want to set up your readers so that you can surprise them with A when they expect B.
  <p>
  This kind of magic trick is much harder to achieve when you're writing your story completely linearly and following your hero from page one until the end.  Except for a few flashbacks, you don't have a lot of freedom to set up your twists and revelations, which must all occur through the eyes of your hero.
  <p>
  I think J.K. Rowling's mastery in this art will be studied in literary schools for years to come.
  <p>
</li>
<li>It's pretty obvious that J.K. Rowling knew where she was going with her story from the first book on.
<p>
This last book contains revelations and explanations that are absolutely startling and yet perfectly consistent with the previous books.  Maintaining coherence and vision throughout seven books written over several years is no small feat, and while similar books and TV shows are frantically trying to keep up with their own contradictions and cheap cliffhangers to try and maintain the illusion of a vision (I'm looking at you, "Lost"), J.K. Rowling's reigns supreme in the art of building up an epic yet entertaining world (as opposed to...  "The Lord of the Rings", which is complex but dull).
<p>
Harry Potter is one of the most sophisticated and best written plot ever created, along with <a href="http://en.wikipedia.org/wiki/Babylon_5">Babylon 5</a> and <a href="http://en.wikipedia.org/wiki/Perry_Rhodan">Perry Rhodan</a>.
</li>
</ul>
I have felt sad every single time I have turned the last page of a Harry Potter book, and this one is no exception, except that the melancholy is increased by the realization that it's now time to say goodbye to our spell casting friends for good.
<p>
Here's to hoping that J.K. Rowling's next creation won't take too long and that it will be as enthralling as the Harry Potter saga.
<p>







<div class="posted">
	Posted by cedric at <a href="http://beust.com/weblog/archives/000457.html">09:02 AM</a>
		| <a href="http://beust.com/weblog/mt-cedricqwerty.cgi?entry_id=457" onclick="OpenComments(this.href); return false">Comments (9)</a>
	
	
</div>

</div>


</div>
</div>

</body>
</html>