[dns-operations] i've got a conflict of interest, can a non-implementor answer this?

Warren Kumari warren at kumari.net
Wed Jan 14 16:05:56 UTC 2009

On Jan 14, 2009, at 9:06 AM, Paul Lustgraaf wrote:

> On Tue, Jan 13, 2009 at 11:34 PM, Paul Vixie <vixie at isc.org> wrote:
>> anything i might say would be seen as self serving, so i hope that  
>> others
>> here who are not DNS implementors will add professionally worded  
>> comments
>> to this article explaining your views about the need for critical
>> infrastructure to have some open source mixed into it.
> In my 36 years in the industry, it has been my experience that open  
> source
> products have consistently been more reliable and more secure than
> proprietary products.  Anyone claiming otherwise has the burden of
> proof placed squarely on their shoulders.  Extraordinary claims  
> require
> extraordinary proof.

No, they don't, they just need a little bit of fear mongering,  
misinformation and vague appeals to patriotism / morals.

Some of the more absurd comments from  random sales people I have run  
into over the years:
"Well, you need a commercial product so you can transfer liability if  
there is an issue..." (Oddly enough, it turns out that the vendor  
wouldn't actually accept any liability... Weird).
"With so many people having access to the code, how do you know that  
no-one has hidden a trojan in it?!"
"If it were any good, it would be a commercial product and not just  
some toy OS that geeks play with -- you get what you pay for".
"Our company has a whole team of highly paid researches that run  
security audits on $product. Our security team found and fixed 18  
serious vulnerabilities in the last 6 months alone.  
$open_source_alternative hasn't fixed ANY!"

and my two favorites (both of these happened to be about Apache):
"I heard that the terrorist are using Apache servers to coordinate  
and, while pointing to some bar chart (which exactly matched market  
"As you can see from our research, much more of the child pornography  
is hosted on Apache than on $product".

Sometimes I despair...

> Paul Lustgraaf                   "Change is inevitable.  Progress is  
> not."
> Network Engineer
> Iowa State University Information Technology Services    grpjl at iastate.edu
> Ames, IA  50011                                                
> 515-294-0324
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

"I think it would be a good idea."
- Mahatma Ghandi, when asked what he thought of Western civilization

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4760 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20090114/9c40fd7f/attachment.bin>

More information about the dns-operations mailing list