The sun

The Sun newspaper ran an article yesterday slamming the use of ‘open source’ software as a way to attack Jeremy Corbyn.

But Political Scrapbook has found the Sun considers such software reliable enough to use it for its own website. Hypocrisy, much?

The Sun reported the views of one expert Neil Doyle:

Labour chief Mr Corbyn’s manifesto would probably cover MoD and security service computers under an open source licence, said Mr Doyle.

He said: “Open source means code and plans can be accessed and potentially altered and re-packaged by anyone.

“That could also mean giving the keys to spies and copycat outfits in Russia, North Korea and China.”

He said it would also be easier for hackers to inspect software and hardware to identify vulnerabilities and steal sensitive data.

Its true that hackers in other countries can identify vunerabilities in open source software.

But they can also hack proprietary software like Microsoft Windows.

But with open source software – where all the underlying code is open so people can look at it, suggest changes and improve on it – at least problems can be quickly patched up.

Moreover open source software can be more powerful, cheaper (good news for taxpayers!) and reliable!

After all, the Sun uses it too. They run their website on WordPress – the open source blog software.

Did they think we wouldn’t notice?

This screenshot is from the source-code of The Sun website

 

the sun website

 

Of course, Corbyn wasn’t advocating opening up MoD secrets or opening access to software used by security services. He advocated opening up most publicly funded software.

But if it thinks open source software is dangerous, why is The Sun using it?

  1. They probably host it on Linux (operating system) as well and use MySQL (the default) for the database store…

    But hey its the S*n, where lies are peddled as facts so a little bit of hypocrisy is nothing.

  2. Jonathan Wilson says:

    Its probably hosted on Linux (the operating system) and uses MySQL as the back end database as well. Both open source.

    But its the S*n where lies are regularly fronted as facts, so a huge amount of hypocrisy is nothing to them.

  3. Gideon Hallett says:

    ‘$ host http://www.thesun.co.uk
    http://www.thesun.co.uk has address 192.0.66.2

    $ telnet 192.0.66.2 80
    Trying 192.0.66.2…
    Connected to 192.0.66.2.
    Escape character is ‘^]’.
    HEAD / HTTP/1.1
    Host:www.thesun.co.uk

    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Mon, 05 Sep 2016 14:47:11 GMT
    Content-Type: text/html
    Content-Length: 178
    Connection: keep-alive
    Location: https://www.thesun.co.uk/

    Connection closed by foreign host.’

    From the relevant Wikipedia page:

    ‘Created by Igor Sysoev in 2002, Nginx runs on Unix, Linux, BSD variants, OS X, Solaris, AIX, HP-UX, and Windows.[6] Released under the terms of a BSD-like license, Nginx is free and open source software.’

    (See https://en.wikipedia.org/wiki/Nginx)

    It’s not just WordPress. Any bets on the likelihood of the majority of their Web presence running on LAMP servers?

  4. Have to say, there have only ever been two viruses found in the wild on Linux, both of which required root access to do any damage. Linux is used by most of the Internet. OSS has always had fewer security flaws and faster patching than closed source

    Usual Sun BS.

  5. The Scum is trying to take advantage of the people who are not computer literate. Shame it’s backfired on them (again)

  6. Brain dead idiots. Open source is far more secure than anything Microsoft has because GNU/Linux has a more secure structure. PLUS you don’t have to keep paying for expensive licenses every year. Whoever wrote this knows nothing about IT.

  7. True, you don’t HAVE to pay for a licence, but a government implementation of Linux would probably use Red Hat or something else subscription based, so there would still be a cost involved. (A significantly smaller cost, to be sure, but I always get annoyed by the “Linux is free” argument, because the counter is “not in any sort of large scale environment where they need 24/7 support”.)

  8. @Ben Godfrey – Open source isn’t inherently more secure or not, it depends on each individual case. For example, I could go write a really horrible web server, absolutely full of vulnerabilities and put it on github – probably nobody would use it. I might stand a better chance of selling it as a proprietary product, however the fact that the source isn’t available might make it slightly harder to hack… not much though, I think hackers find most things by experiment rather than looking at code.

  9. the also use bind for there DNS
    dig ch txt version.bind @ns0.newsint.co.uk.

    ; <> DiG 9.10.4-P2 <> ch txt version.bind @ns0.newsint.co.uk.
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11728
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;version.bind. CH TXT

    ;; ANSWER SECTION:
    version.bind. 0 CH TXT "9.8.0-P4"

    ;; AUTHORITY SECTION:
    version.bind. 0 CH NS version.bind.

    ;; Query time: 19 msec
    ;; SERVER: 143.252.80.3#53(143.252.80.3)
    ;; WHEN: Tue Sep 06 13:45:52 BST 2016
    ;; MSG SIZE rcvd: 76

  10. Please avoid using the word “slam” in the future. It makes you look like the same tabloid trash you criticise.

  11. Anyone who makes the case of security through obscurity is inviting unchallenged proprietary source spying/theft. Someone who obtains the “secret” source code can develop an exploit which the world will be unable to address or patch, leaving the system permanently compromised.

    Having every interested and skilled programmer in the world audit your code is the BEST way to ensure it is fit for use

  12. I suppose I’m less irritated by the Sun as they’re *only* reporting the comments of politicians/pundits, Nigel Adams & Neil Doyle, and not themselves making a statement about the viability of open source.

    To me, it’s Doyle and Adams who provoke my greatest ire as hypocrites, as both Doyle’s personal site (http://neildoyle.com/) and Nigel Adams’ (http://www.selbyandainsty.com/) are an ode to open source (Doyle’s, http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fneildoyle.com%2F & Adams’ http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fwww.selbyandainsty.com%2F), running Apache on Linux/Ubuntu, with PHP, Javascript, jQuery, MySQL, WordPress, etc.

    As a friend recently commented about this, “mud-flinging is a standard practice in politics these days and open source just happened to be an unfortunate bystander deployed as cannon fodder. But they come off as utterly clueless about technology, which means they’re counting on the public being clueless about technology too.”

  13. For those of you guessing the stack.

    It’s not nginx, that is just the CDN (akamai), it’s LAMP running on AWS (xen).

  14. Because Oracle has bought Sun 🙂
    /Pun intended/
    MySQL is licensed by Oracle, its successor, MariaDB is now its true open source heir.

  15. @Sun fan lee if only MariaDB was completely FOSS still too.

    Postgres is one of the last of the bunch to switch to the tiered plans (proprietary enterprise product on top of base open-source product). Unfortunately this was the same move MySQL made that pushed FOSS supporters to MariaDB. I’m already on the way out the door

Leave a comment

Your email address will not be published.

1000

Comments are limited to 1000 characters.