FUD by Association
Michael J. Jordan, Linux Online Staff
July 19, 2006
First, there was plain, old FUD - classic Fear, Uncertainty and Doubt. Then we had stealth FUD. Now we have FUD by association.
In what can be best described as a drive-by FUD-ing, Dave Marcus, the
security research manager for anti-virus company McAfee, claims that
malware developers have embraced the open source development model.
Of course, the subliminal message that McAfee wants you to get is
that internet criminals and Linux kernel developers share the same DNA.
It's no surprise that malware developers collaborate. Collaboration
goes back to the time when we lived in caves. People work together for
both good and for ill. They don't call it 'organized' crime for
nothing. Maybe we'll see a Sopranos episode in the near future where
the main characters debate the merits of the GPL.
Marcus claims that ".. the anonymity of an open source-style process
is very appealing to them." Like classic FUD, it's essentially
meaningless.
The real Open Source model is anything but anonymous. The cachet, so
to speak, of working on an open source project is the developer's
currency. As people on Mr. Marcus' side of the software world - the
proprietary side - often point out, the incentive for producing good
open source software is seldom financial. An open source developer
seeks to display his/her coding skills and establish a good name. From
there, the financial rewards tend to come in the form of a well-paying
job. The open source development model is about solving real problems
on a personal level and then moving up to a higher level. It's about
peer review. It's about finding the simplest, most elegant
solution. There's a big difference between the Open Source development
model and obtaining code in order to plant bots and run a shakedown
racket.
I assume that the people who are running these large DDoS bribery
operations worry about the code development process in these bots like
I worry about how the wheat is grown that goes into the toast I eat in
the morning.
McAfee wants you to believe that those pesky anglers phishing money
out of your bank account learned their trade from Firefox, Apache and Linux
developers. Of course, the truth is that Microsoft's IE and IIS developers
doing such a poor job is what lets them do it.
I'm sure Marcus and the people who employ him know this. So what do
they gain by trying to equate malware development with Linux
development? Maybe it's because McAfee and similar companies stand to
lose a lot of money if more people start switching from virus-prone
Windows and move to more secure Open Source software.
Malware developers may be sharing code, but they didn't need to use the Linux Kernel Mailing
List as a guide. "Open Source" crime predates Open Source software by several millennia.
Michael J. Jordan is the Webmaster of Linux Online. He can be reached at Michael.Jordan AT linux.org