Lets blame Open Source
Over the last few days it seems that Open Source software is under attack as the root of all evil around hacking. First on darkReading an article on open source security being used by hackers and bad guys. Then the folks at McAfee blaming open source tools for helping bot developers organize and be more effective.
In the case of McAfee, this is not the first time they have blamed open source tools for helping hacking. Back in April it was rootkits that were being encouraged by open source according to McAfee. Of course the McAfee folks give the usual left-handed compliment to open source by saying, "We think [open source antivirus products] are fine. They've never been something that was really in the same class as ours, but we've always been big supporters of open source antivirus," yeah right, give me a break. Can you show me how McAfee has always been a big supporter? I don't think so. It is just another chance for the McAfee people to take another swipe at open source.
The darkReading article says hackers and bad guy types are using nMap, Nessus, Metasploit and such to recon and hack into networks. So if they were using commercial software instead of open source would it make a difference? This is a case where you can't blame the tool, blame the people hacking in. These tools all have legitimate uses and are very valuable to infosec professionals. My rule of thumb is substitute commercial software every time I see the open source software term. If the sentence still makes sense regardless of whether it was open source or commercial software then how can you blame it on open source.
Comments