Showing posts with label open source. Show all posts

Wednesday, April 1, 2009

Isn't Open Source Wonderful?

[Nokia releases Open Source Symbian and it is installed on a toaster]

There is a news story about a toaster running Symbian (the platform that newer Nokia phones run).

It does this so it can provide extra services like measuring the heat of your toast etc.

Full set of features:

  • BreadSense mode that uses internal sensors to figure out the ideal heat setting and time for the bread you have inserted.
  • The large touchscreen UI also allows you to tweak the settings to suit your personal taste.
  • Toast settings can be saved and assigned to individuals. A finger-print sensor on the side identifies the user and automatically displays their personal presets.
  • Additional presets and sandwich serving suggestions can be downloaded from the internet using the built-in WiFi connection.
  • Users can share their own presets and recipes online too.
  • Can connect to your phone via Bluetooth and upload reminders to buy more bread when you run out.
  • The screen can display useful online information such as news headlines, weather forecasts and video feeds to keep you entertained and informed in the kitchen.
  • Firmware updates are automatically downloaded and applied over the air to make sure you always have the latest features.

By the way, happy April Fools' Day. Still, some April Fools' jokes come true...

Note: click through to see the image of this toaster. I want one. And I'm not sure why!

Tuesday, June 12, 2007

And Now for Some Bible Education (Part 2)

So.. how does that affect us?

I find in some cases it makes sense to take a hard line on something and not compromise. Sometimes you also just know the answer. You can't really be certain of your security posture if you have 20% of all passwords being "password". Sometimes you have to compromise a bit - you have to allow some traffic through your firewall.

I like to think that I am more of an Aaron person - I find it easier to analyse, debate and discuss than research and enforce. Which makes me a pretty good Information Security consultant. I have different people, with different agendas all coming at me and I need to find a balance.

I fully expect those people to have the agendas that they do and while things can get heated when someone doesn't understand why I can't fully agree with them, I actually prefer them to have strong ideas. That way I can make a good decision.

Every InfoSec consultant will be stuck in the middle of a few factors: the CSO who wants everything perfectly secured (pull out the Internet cable and lock the doors), the CIO who wants everything up and running and the CEO who doesn't care as long as business gets done. You also have 1,000,001 vendors who all think that their product is perfect and does everything. You have the lawmakers who want to push laws that protect everyone. You have your wife and kids who want you at home all the time (or at least every night and weekend). Another example is ISACA, who believe everything can be solved through risk analysis.

And the sad truth is that you can't make all of these people happy. You have to compromise.

Each of these people is a "Moses" - they know their point exactly. They see the world in black and white. A technical salesperson (assuming they are trustworthy and their product is reasonably competent) will know all the good about his/her product. They know all the bad it can eradicate and the risks it can mitigate. They may know about competitors' products and how choices were made - some companies decided to use agents, some use no agents. They will stand by their products. They will not budge and so they shouldn't.

I do have a bit of bias and where I can I push Open Source software but I am aware that it doesn't work for everything and that is where I take my Moses cap off and put on an Aaron cap. I know how good Check Point's firewall software is but when it comes time to do NAC I need to judge fairly.

Speaking of Open Source software - the community is made up of people who are Moses-types and Aaron-types. Richard Stallman is very much a Moses-type. Linus Torvalds is more of an Aaron-type when it comes to license issues but more of a Moses-type when it comes to some aspects of kernel programming.

They are both successful because they have managed to be the kinds of personality they need to be when they need to be that kind.

Friday, March 2, 2007

My 2 cents - NAC and FLOSS (Part 1 - FLOSS)

Since I started my blog and subsequently joined the Security Bloggers Network (see the side panel), I have been following a number of stories posted by other blog members.

Ok, two debates on SSAATY - open source and NAC. I have my opinion on each and here goes:

Alan contends, and I agree with him to a point, that users shouldn't be concerned with the making of software - i.e., is it open source, commercial, closed, powered by little rodents, etc. They should only make sure that the software does what they want it to. And I agree to a point.

However, we are security people and we deal in risks and mitigation. Using closed source software does present one with certain risks that open source software does not, and that is: what happens if the product is discontinued?

I have seen companies spend millions on closed source software only to wind up with a solution that cannot be upgraded or changed. There are some programs that only run on DOS and are so closed and so important that the company lives with this outdated operating system. I'm not picking on DOS; think of all the proprietary financial systems that had to be quickly fixed or rewritten for Y2K on Unix. A proprietary system that at least has published and open standards (preferably industry-wide standards) would mitigate this risk to a point.

An example that just popped into my head is Internet Explorer. I know of an IT company that has built its entire way of working around an Intranet site. Good for them but they used IE6 specific "features" in the website and it doesn't work with IE7. Had they stuck to standards they would have no problems but they didn't.

You may argue that Open Source and Open Standards are not the same, but they usually go together, whereas closed standards are usually in place to protect market share and don't work very well with Open Source software (where the standards are open as soon as the code is read and analyzed).

To Be Continued.

Monday, February 26, 2007

A shout out to Alan Shimel

Hi there Alan (et al),

Thank you for the little blog post on me. I hope I can respond with some good, insightful (incite-ful?) posts to keep you interested.

Congrats firstly on your anniversary.

I consider myself a lay-expert (in other words I spent way too much time on slashdot for my career's good) on GPL so I'll add in my 2c.

The GPL severely restricts what you can do with the source in order to try to keep the source available. It is known as "viral" in that if you want to use the source in a project - all the source of that project must also be GPL or compatible.

The big news of a project being GPL compatible is that once the source is GPL compatible it can be added to other GPL projects and in turn other GPL code can be pulled into this project.

Being GPL compatible is also a nice buzzword to use. And it would make coding easier - "Oh, it's GPL. I know that". (No need to read the license and compare it to GPL to understand how compatible it is.)

I'm not sure exactly in this case how it benefits everyone but the above may give a good idea of why GPL is better to have than just "open source".