ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Is Open Source Really So Much More Secure By Nature

    Scheduled Pinned Locked Moved Water Closet
    202 Posts 13 Posters 35.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DustinB3403D
      DustinB3403 @Dashrender
      last edited by

      @Dashrender said in Is Open Source Really So Much More Secure By Nature:

      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

      @stacksofplates said in Is Open Source Really So Much More Secure By Nature:

      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

      tough choices because of the past

      It's not a tough choice. You either want the updates and features or not. If you do, you pay for a subscription or you use an open source version that gets constant updates. It's not tough at all. They might not like it, but it's not tough.

      You may not see it as a tough choice, but it is rarely an easy one.

      Changing platforms from Microsoft Excel to LibreOffice for example might include weeks or months of restructuring and rebuilding to use the different platform.

      I don't see it being that hard - other than guessing the costs of that migration... weight the cost of the migration (and assumed continuation of the project) against the subscription cost of something like O365.
      it's just math.. fuzzy math, sure, but still math.

      Well the math isn't just math, its emotion that you have to try and take out of the equation. Then you can have a costs discussion.

      @Dashrender said in Is Open Source Really So Much More Secure By Nature:

      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

      @Dashrender said in Is Open Source Really So Much More Secure By Nature:

      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

      @Dashrender said in Is Open Source Really So Much More Secure By Nature:

      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

      @Obsolesce said in Is Open Source Really So Much More Secure By Nature:

      If they already have and use Excel, then what's the issue? Obviously it not being cross-platform isn't an issue there.

      The issue comes from the desire to upgrade to newer versions. Microsoft, while they offer stand-alone installations of Office 2019, now require yearly upgrades if you need those new features.

      Many organizations simply don't or won't pay for upgrades year after year for something that has traditionally been supported for several years at a time.

      At the same time, they won't pay for O365 to just get access to Microsoft Office (ueo to the total monthly cost increase) from $0 to $12-22 per user.

      They rarely got new features in the past without buying a new version... so I don't see the problem. They continue to pay their one time huge fee for locally installed office on one computer and be done with it.
      If they want new features, they'll have to buy it again and again, or just subscribe.

      Yeah that's not the issue that I was describing. What I was trying to point to is how businesses made a choice to use a specific product (in this case Microsoft Office Excel) and are now having to deal with the decision process of the past and are making tough choices because of the past.

      Sadly - I rarely see them willing to "make" those tough choices.. they push back and say no - we're not changing... getting themselves stuck.
      I have a client on a 22+ year old AS400 because of this. An AS400 that died a month ago, they were super lucky that their support vendor for that device had a spare old junker on the shelf just for such an occasion, and that they could restore their backups to it ( or move the drives, I'm not sure which).

      I need to ask them how much the spend on that? Money that should have been spent moving to a new platform earlier... of course the push back is - well time value of money, I didn't spend anything for 15 years on this system - we've saved a bundle... I don't really know how to combat that argument yet.

      Exactly, I have a customer with an AS400 as well that they use to this day because "it still works and I know it and I haven't had to spend a penny on it".

      and what happens when it does eventually die? No seriously - everything does eventually.. so what then? when there is no backup hardware, no personal who knows how to recover it, etc, etc, etc... 🙂 I know - I'm preaching to the choir.

      Yup... I had the very same question with the person who is attempting to retire.. . . he said "Well I have enough time left to try and sort this out". . .

      stacksofplatesS DashrenderD 2 Replies Last reply Reply Quote 0
      • stacksofplatesS
        stacksofplates @DustinB3403
        last edited by

        @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

        Well the math isn't just math, its emotion that you have to try and take out of the equation. Then you can have a costs discussion.

        Again, this is their fault. If taxes go up, do they get emotional and try to fight it? No they pass the cost on to the customer like every other business. Same in this scenario. If you have to subscribe now and it costs more, the costs get passed on. It's no one's fault but their own.

        DashrenderD 1 Reply Last reply Reply Quote 0
        • DashrenderD
          Dashrender @DustinB3403
          last edited by

          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

          @Dashrender said in Is Open Source Really So Much More Secure By Nature:

          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

          @stacksofplates said in Is Open Source Really So Much More Secure By Nature:

          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

          tough choices because of the past

          It's not a tough choice. You either want the updates and features or not. If you do, you pay for a subscription or you use an open source version that gets constant updates. It's not tough at all. They might not like it, but it's not tough.

          You may not see it as a tough choice, but it is rarely an easy one.

          Changing platforms from Microsoft Excel to LibreOffice for example might include weeks or months of restructuring and rebuilding to use the different platform.

          I don't see it being that hard - other than guessing the costs of that migration... weight the cost of the migration (and assumed continuation of the project) against the subscription cost of something like O365.
          it's just math.. fuzzy math, sure, but still math.

          Well the math isn't just math, its emotion that you have to try and take out of the equation. Then you can have a costs discussion.

          @Dashrender said in Is Open Source Really So Much More Secure By Nature:

          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

          @Dashrender said in Is Open Source Really So Much More Secure By Nature:

          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

          @Dashrender said in Is Open Source Really So Much More Secure By Nature:

          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

          @Obsolesce said in Is Open Source Really So Much More Secure By Nature:

          If they already have and use Excel, then what's the issue? Obviously it not being cross-platform isn't an issue there.

          The issue comes from the desire to upgrade to newer versions. Microsoft, while they offer stand-alone installations of Office 2019, now require yearly upgrades if you need those new features.

          Many organizations simply don't or won't pay for upgrades year after year for something that has traditionally been supported for several years at a time.

          At the same time, they won't pay for O365 to just get access to Microsoft Office (ueo to the total monthly cost increase) from $0 to $12-22 per user.

          They rarely got new features in the past without buying a new version... so I don't see the problem. They continue to pay their one time huge fee for locally installed office on one computer and be done with it.
          If they want new features, they'll have to buy it again and again, or just subscribe.

          Yeah that's not the issue that I was describing. What I was trying to point to is how businesses made a choice to use a specific product (in this case Microsoft Office Excel) and are now having to deal with the decision process of the past and are making tough choices because of the past.

          Sadly - I rarely see them willing to "make" those tough choices.. they push back and say no - we're not changing... getting themselves stuck.
          I have a client on a 22+ year old AS400 because of this. An AS400 that died a month ago, they were super lucky that their support vendor for that device had a spare old junker on the shelf just for such an occasion, and that they could restore their backups to it ( or move the drives, I'm not sure which).

          I need to ask them how much the spend on that? Money that should have been spent moving to a new platform earlier... of course the push back is - well time value of money, I didn't spend anything for 15 years on this system - we've saved a bundle... I don't really know how to combat that argument yet.

          Exactly, I have a customer with an AS400 as well that they use to this day because "it still works and I know it and I haven't had to spend a penny on it".

          and what happens when it does eventually die? No seriously - everything does eventually.. so what then? when there is no backup hardware, no personal who knows how to recover it, etc, etc, etc... 🙂 I know - I'm preaching to the choir.

          Yup... I had the very same question with the person who is attempting to retire.. . . he said "Well I have enough time left to try and sort this out". . .

          Does that imply that he's actually going to look into a new platform and migrate?

          DustinB3403D 1 Reply Last reply Reply Quote 0
          • travisdh1T
            travisdh1 @Dashrender
            last edited by

            @Dashrender said in Is Open Source Really So Much More Secure By Nature:

            @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

            @Dashrender said in Is Open Source Really So Much More Secure By Nature:

            @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

            @Obsolesce said in Is Open Source Really So Much More Secure By Nature:

            If they already have and use Excel, then what's the issue? Obviously it not being cross-platform isn't an issue there.

            The issue comes from the desire to upgrade to newer versions. Microsoft, while they offer stand-alone installations of Office 2019, now require yearly upgrades if you need those new features.

            Many organizations simply don't or won't pay for upgrades year after year for something that has traditionally been supported for several years at a time.

            At the same time, they won't pay for O365 to just get access to Microsoft Office (ueo to the total monthly cost increase) from $0 to $12-22 per user.

            They rarely got new features in the past without buying a new version... so I don't see the problem. They continue to pay their one time huge fee for locally installed office on one computer and be done with it.
            If they want new features, they'll have to buy it again and again, or just subscribe.

            Yeah that's not the issue that I was describing. What I was trying to point to is how businesses made a choice to use a specific product (in this case Microsoft Office Excel) and are now having to deal with the decision process of the past and are making tough choices because of the past.

            Sadly - I rarely see them willing to "make" those tough choices.. they push back and say no - we're not changing... getting themselves stuck.
            I have a client on a 22+ year old AS400 because of this. An AS400 that died a month ago, they were super lucky that their support vendor for that device had a spare old junker on the shelf just for such an occasion, and that they could restore their backups to it ( or move the drives, I'm not sure which).

            I need to ask them how much the spend on that? Money that should have been spent moving to a new platform earlier... of course the push back is - well time value of money, I didn't spend anything for 15 years on this system - we've saved a bundle... I don't really know how to combat that argument yet.

            Yeah, emotional reactions like this are tough to deal with. In this case I'd point out that they're paying more just to power that 22+ year old AS400 than the migration cost. Doesn't IBM still have a line of servers that can run AS400 workloads? I thought so, but it's been so long since I looked into it.

            1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender @stacksofplates
              last edited by

              @stacksofplates said in Is Open Source Really So Much More Secure By Nature:

              @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

              Well the math isn't just math, its emotion that you have to try and take out of the equation. Then you can have a costs discussion.

              Again, this is their fault. If taxes go up, do they get emotional and try to fight it? No they pass the cost on to the customer like every other business. Same in this scenario. If you have to subscribe now and it costs more, the costs get passed on. It's no one's fault but their own.

              yeah, the emotion part is what needs to be pulled out..

              I'm definitely not innocent of the emotional part.. so I get it.. but really, when you show the math.. that should be all that matters to the business.

              And as Stacks said - if your costs go up, then your sales price have to increase generally as well... just the way things work.

              1 Reply Last reply Reply Quote 0
              • DustinB3403D
                DustinB3403 @Dashrender
                last edited by

                @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                @stacksofplates said in Is Open Source Really So Much More Secure By Nature:

                @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                tough choices because of the past

                It's not a tough choice. You either want the updates and features or not. If you do, you pay for a subscription or you use an open source version that gets constant updates. It's not tough at all. They might not like it, but it's not tough.

                You may not see it as a tough choice, but it is rarely an easy one.

                Changing platforms from Microsoft Excel to LibreOffice for example might include weeks or months of restructuring and rebuilding to use the different platform.

                I don't see it being that hard - other than guessing the costs of that migration... weight the cost of the migration (and assumed continuation of the project) against the subscription cost of something like O365.
                it's just math.. fuzzy math, sure, but still math.

                Well the math isn't just math, its emotion that you have to try and take out of the equation. Then you can have a costs discussion.

                @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                @Obsolesce said in Is Open Source Really So Much More Secure By Nature:

                If they already have and use Excel, then what's the issue? Obviously it not being cross-platform isn't an issue there.

                The issue comes from the desire to upgrade to newer versions. Microsoft, while they offer stand-alone installations of Office 2019, now require yearly upgrades if you need those new features.

                Many organizations simply don't or won't pay for upgrades year after year for something that has traditionally been supported for several years at a time.

                At the same time, they won't pay for O365 to just get access to Microsoft Office (ueo to the total monthly cost increase) from $0 to $12-22 per user.

                They rarely got new features in the past without buying a new version... so I don't see the problem. They continue to pay their one time huge fee for locally installed office on one computer and be done with it.
                If they want new features, they'll have to buy it again and again, or just subscribe.

                Yeah that's not the issue that I was describing. What I was trying to point to is how businesses made a choice to use a specific product (in this case Microsoft Office Excel) and are now having to deal with the decision process of the past and are making tough choices because of the past.

                Sadly - I rarely see them willing to "make" those tough choices.. they push back and say no - we're not changing... getting themselves stuck.
                I have a client on a 22+ year old AS400 because of this. An AS400 that died a month ago, they were super lucky that their support vendor for that device had a spare old junker on the shelf just for such an occasion, and that they could restore their backups to it ( or move the drives, I'm not sure which).

                I need to ask them how much the spend on that? Money that should have been spent moving to a new platform earlier... of course the push back is - well time value of money, I didn't spend anything for 15 years on this system - we've saved a bundle... I don't really know how to combat that argument yet.

                Exactly, I have a customer with an AS400 as well that they use to this day because "it still works and I know it and I haven't had to spend a penny on it".

                and what happens when it does eventually die? No seriously - everything does eventually.. so what then? when there is no backup hardware, no personal who knows how to recover it, etc, etc, etc... 🙂 I know - I'm preaching to the choir.

                Yup... I had the very same question with the person who is attempting to retire.. . . he said "Well I have enough time left to try and sort this out". . .

                Does that imply that he's actually going to look into a new platform and migrate?

                Don't honestly know, I found out that have an ISP of their own that they are already engaged with. This was several months ago.

                1 Reply Last reply Reply Quote 0
                • IRJI
                  IRJ @DustinB3403
                  last edited by

                  @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                  The point of bring in someone like myself, @JaredBusch

                  💋💋💋

                  DustinB3403D 1 Reply Last reply Reply Quote 0
                  • DustinB3403D
                    DustinB3403 @IRJ
                    last edited by

                    @IRJ said in Is Open Source Really So Much More Secure By Nature:

                    @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                    The point of bring in someone like myself, @JaredBusch

                    💋💋💋

                    If you wanted to do that properly you should've added the

                    🍑

                    Jackass...

                    stacksofplatesS 1 Reply Last reply Reply Quote 0
                    • stacksofplatesS
                      stacksofplates @DustinB3403
                      last edited by stacksofplates

                      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                      @IRJ said in Is Open Source Really So Much More Secure By Nature:

                      @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                      The point of bring in someone like myself, @JaredBusch

                      💋💋💋

                      If you wanted to do that properly you should've added the

                      🍑

                      Jackass...

                      I can ship you a Snickers if you need it, Betty White.

                      DustinB3403D 1 Reply Last reply Reply Quote 0
                      • DustinB3403D
                        DustinB3403 @stacksofplates
                        last edited by

                        @stacksofplates said in Is Open Source Really So Much More Secure By Nature:

                        @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                        @IRJ said in Is Open Source Really So Much More Secure By Nature:

                        @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                        The point of bring in someone like myself, @JaredBusch

                        💋💋💋

                        If you wanted to do that properly you should've added the

                        🍑

                        Jackass...

                        I can ship you a Snickers if you need it, Betty White.

                        If I were Betty White I would've whipped your butt by now. She's a bad ass.

                        1 Reply Last reply Reply Quote 1
                        • scottalanmillerS
                          scottalanmiller
                          last edited by

                          https://www.cyberscoop.com/nsa-juniper-backdoor-wyden-espionage/

                          1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller
                            last edited by

                            https://mangolassi.it/topic/22740/samit-is-open-source-licensing-more-secure

                            1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller
                              last edited by

                              https://threatpost.com/second-solarwinds-attack-group-usda-payroll/163635/

                              1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller
                                last edited by

                                https://www.infosecurity-magazine.com/news/three-more-vulnerabilities/

                                1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  https://www.wired.com/story/windows-defender-vulnerability-twelve-years/

                                  1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller
                                    last edited by

                                    https://arstechnica.com/information-technology/2021/02/microsoft-says-solarwinds-hackers-stole-source-code-for-3-products/

                                    An entire risk that exists only for closed source.

                                    DustinB3403D 1 Reply Last reply Reply Quote 0
                                    • DustinB3403D
                                      DustinB3403 @scottalanmiller
                                      last edited by

                                      @scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

                                      https://arstechnica.com/information-technology/2021/02/microsoft-says-solarwinds-hackers-stole-source-code-for-3-products/

                                      An entire risk that exists only for closed source.

                                      I hope on of the products is Microsoft Teams so they can fix the glaring functional issues with it...

                                      DashrenderD 1 Reply Last reply Reply Quote 0
                                      • DashrenderD
                                        Dashrender @DustinB3403
                                        last edited by

                                        @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                                        @scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

                                        https://arstechnica.com/information-technology/2021/02/microsoft-says-solarwinds-hackers-stole-source-code-for-3-products/

                                        An entire risk that exists only for closed source.

                                        I hope on of the products is Microsoft Teams so they can fix the glaring functional issues with it...

                                        Is Teams really a product though? I think of it more as a service... I mean I know they have clients for desktop and mobile... but the web version definitely feels more like a service.

                                        ObsolesceO 1 Reply Last reply Reply Quote 0
                                        • ObsolesceO
                                          Obsolesce @Dashrender
                                          last edited by

                                          @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                                          @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                                          @scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

                                          https://arstechnica.com/information-technology/2021/02/microsoft-says-solarwinds-hackers-stole-source-code-for-3-products/

                                          An entire risk that exists only for closed source.

                                          I hope on of the products is Microsoft Teams so they can fix the glaring functional issues with it...

                                          Is Teams really a product though? I think of it more as a service... I mean I know they have clients for desktop and mobile... but the web version definitely feels more like a service.

                                          I did a 2-day conference over Teams last week. It actually went very well.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @Obsolesce
                                            last edited by

                                            @Obsolesce said in Is Open Source Really So Much More Secure By Nature:

                                            @Dashrender said in Is Open Source Really So Much More Secure By Nature:

                                            @DustinB3403 said in Is Open Source Really So Much More Secure By Nature:

                                            @scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

                                            https://arstechnica.com/information-technology/2021/02/microsoft-says-solarwinds-hackers-stole-source-code-for-3-products/

                                            An entire risk that exists only for closed source.

                                            I hope on of the products is Microsoft Teams so they can fix the glaring functional issues with it...

                                            Is Teams really a product though? I think of it more as a service... I mean I know they have clients for desktop and mobile... but the web version definitely feels more like a service.

                                            I did a 2-day conference over Teams last week. It actually went very well.

                                            It has improved a lot. It's still trails other solutions, but what from MS doesn't. It's at least starting to catch up with the level of behind that most of the rest of the MS ecosystem is.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 10
                                            • 11
                                            • 2 / 11
                                            • First post
                                              Last post