The Sun newspaper ran an article yesterday slamming the use of ‘open source’ software as a way to attack Jeremy Corbyn.
But Political Scrapbook has found the Sun considers such software reliable enough to use it for its own website. Hypocrisy, much?
The Sun reported the views of one expert Neil Doyle:
Labour chief Mr Corbyn’s manifesto would probably cover MoD and security service computers under an open source licence, said Mr Doyle.
He said: “Open source means code and plans can be accessed and potentially altered and re-packaged by anyone.
“That could also mean giving the keys to spies and copycat outfits in Russia, North Korea and China.”
He said it would also be easier for hackers to inspect software and hardware to identify vulnerabilities and steal sensitive data.
Its true that hackers in other countries can identify vunerabilities in open source software.
But they can also hack proprietary software like Microsoft Windows.
But with open source software – where all the underlying code is open so people can look at it, suggest changes and improve on it – at least problems can be quickly patched up.
Moreover open source software can be more powerful, cheaper (good news for taxpayers!) and reliable!
After all, the Sun uses it too. They run their website on WordPress – the open source blog software.
Did they think we wouldn’t notice?
This screenshot is from the source-code of The Sun website
Of course, Corbyn wasn’t advocating opening up MoD secrets or opening access to software used by security services. He advocated opening up most publicly funded software.
But if it thinks open source software is dangerous, why is The Sun using it?
Anonymous says:
They probably host it on Linux (operating system) as well and use MySQL (the default) for the database store…
But hey its the S*n, where lies are peddled as facts so a little bit of hypocrisy is nothing.
Jonathan Wilson says:
Its probably hosted on Linux (the operating system) and uses MySQL as the back end database as well. Both open source.
But its the S*n where lies are regularly fronted as facts, so a huge amount of hypocrisy is nothing to them.
Gideon Hallett says:
‘$ host http://www.thesun.co.uk
http://www.thesun.co.uk has address 192.0.66.2
$ telnet 192.0.66.2 80
Trying 192.0.66.2…
Connected to 192.0.66.2.
Escape character is ‘^]’.
HEAD / HTTP/1.1
Host:www.thesun.co.uk
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Sep 2016 14:47:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.thesun.co.uk/
Connection closed by foreign host.’
From the relevant Wikipedia page:
‘Created by Igor Sysoev in 2002, Nginx runs on Unix, Linux, BSD variants, OS X, Solaris, AIX, HP-UX, and Windows.[6] Released under the terms of a BSD-like license, Nginx is free and open source software.’
(See https://en.wikipedia.org/wiki/Nginx)
It’s not just WordPress. Any bets on the likelihood of the majority of their Web presence running on LAMP servers?
Jim says:
Can’t speak for the database, but the server is nginx running on Linux, so both open source.
As of course are WordPress & PHP
http://toolbar.netcraft.com/site_report/?url=www.thesun.co.uk
Richard Morris says:
And it runs the https://en.wikipedia.org/wiki/Nginx webserver, which is open source.
~ $ curl -I http://www.thesun.co.uk
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Sep 2016 15:21:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.thesun.co.uk/
Rokenprice says:
Have to say, there have only ever been two viruses found in the wild on Linux, both of which required root access to do any damage. Linux is used by most of the Internet. OSS has always had fewer security flaws and faster patching than closed source
Usual Sun BS.
David lowton says:
The Scum is trying to take advantage of the people who are not computer literate. Shame it’s backfired on them (again)
Andy says:
Brain dead idiots. Open source is far more secure than anything Microsoft has because GNU/Linux has a more secure structure. PLUS you don’t have to keep paying for expensive licenses every year. Whoever wrote this knows nothing about IT.
LiamK says:
True, you don’t HAVE to pay for a licence, but a government implementation of Linux would probably use Red Hat or something else subscription based, so there would still be a cost involved. (A significantly smaller cost, to be sure, but I always get annoyed by the “Linux is free” argument, because the counter is “not in any sort of large scale environment where they need 24/7 support”.)
Stuart says:
Clearly an IT illiterate who wrote the article. Without open source software we really wouldn’t have an Internet.
Roger says:
Not only that, but the lead developer of Nginx is a *Russian*…
https://en.wikipedia.org/wiki/Igor_Sysoev
Ben Godfrey says:
The larger issue is whether the assertion that open source software is less secure is true or not.
James Hedley says:
@Ben Godfrey – Open source isn’t inherently more secure or not, it depends on each individual case. For example, I could go write a really horrible web server, absolutely full of vulnerabilities and put it on github – probably nobody would use it. I might stand a better chance of selling it as a proprietary product, however the fact that the source isn’t available might make it slightly harder to hack… not much though, I think hackers find most things by experiment rather than looking at code.
Anonymous says:
the also use bind for there DNS
dig ch txt version.bind @ns0.newsint.co.uk.
; <> DiG 9.10.4-P2 <> ch txt version.bind @ns0.newsint.co.uk.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11728
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;version.bind. CH TXT
;; ANSWER SECTION:
version.bind. 0 CH TXT "9.8.0-P4"
;; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.
;; Query time: 19 msec
;; SERVER: 143.252.80.3#53(143.252.80.3)
;; WHEN: Tue Sep 06 13:45:52 BST 2016
;; MSG SIZE rcvd: 76
Dave says:
Please avoid using the word “slam” in the future. It makes you look like the same tabloid trash you criticise.
J Simpkin says:
Anyone who makes the case of security through obscurity is inviting unchallenged proprietary source spying/theft. Someone who obtains the “secret” source code can develop an exploit which the world will be unable to address or patch, leaving the system permanently compromised.
Having every interested and skilled programmer in the world audit your code is the BEST way to ensure it is fit for use
Patrick Masson says:
I suppose I’m less irritated by the Sun as they’re *only* reporting the comments of politicians/pundits, Nigel Adams & Neil Doyle, and not themselves making a statement about the viability of open source.
To me, it’s Doyle and Adams who provoke my greatest ire as hypocrites, as both Doyle’s personal site (http://neildoyle.com/) and Nigel Adams’ (http://www.selbyandainsty.com/) are an ode to open source (Doyle’s, http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fneildoyle.com%2F & Adams’ http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fwww.selbyandainsty.com%2F), running Apache on Linux/Ubuntu, with PHP, Javascript, jQuery, MySQL, WordPress, etc.
As a friend recently commented about this, “mud-flinging is a standard practice in politics these days and open source just happened to be an unfortunate bystander deployed as cannon fodder. But they come off as utterly clueless about technology, which means they’re counting on the public being clueless about technology too.”
Andy Mabbett says:
This Neil Doyle http://neildoyle.com/ ?
And not forgetting Nigel Adams MP.
Andy Mabbett says:
Nigel Adams’ website:
http://www.selbyandainsty.com/
Anonymous says:
For those of you guessing the stack.
It’s not nginx, that is just the CDN (akamai), it’s LAMP running on AWS (xen).
Sun fan lee says:
Because Oracle has bought Sun 🙂
/Pun intended/
MySQL is licensed by Oracle, its successor, MariaDB is now its true open source heir.
0x616e6f6e says:
@Sun fan lee if only MariaDB was completely FOSS still too.
Postgres is one of the last of the bunch to switch to the tiered plans (proprietary enterprise product on top of base open-source product). Unfortunately this was the same move MySQL made that pushed FOSS supporters to MariaDB. I’m already on the way out the door
Micro$oft GNU/Linuxsoft says:
War is peace, freedom is slavery, ignorance is strength.
net worth of Malik Riaz says:
Can I use in table of content
savage height says:
how to make and host it on various OS.
Anjali Pichai Life says:
I am having an issue. Can you assist me in that?