Sunday, 24 August 2003

Open source FUD

Kevin Aylward at Wizbang! blames Sendmail, and by extension the Open Source movement, in part for the spread of viruses on the Internet. Specifically he claims:

Here’s the kicker – Sendmail had no capability to drop messages that contain viruses.

Sorry, Kevin, but I call bullshit.

  • Sendmail can scan for viruses using the “milter” (mail filter) facility, which has been present for several years. Get up to date on the technology before you start spreading crap.
  • There are numerous alternative mail transport agents (MTAs) to Sendmail that also have hooks for virus scanning, including Postfix, Exim, and (if you can stand DJB-ware) qmail.
  • Virus scanners can also be hooked into procmail, if you don’t actually want to futz with your MTA configuration.
  • Specifically, Debian and other Linux distributions include a complete, free anti-virus scanning suite that integrates with almost any mail server (specifically, clamav and amavisd); it also includes hooks for spam trapping. I had it set up and running within an hour on the box I administer at work. It’s catching all of our Sobig.F messages, and not even spamming unrelated parties with bogus “you sent me a virus” messages like certain commercial systems I could mention.

Yes, I freely admit that sendmail is a piece of bloated, outdated shit that I won’t run on any server I administer. But blaming sendmail, when you should blame lazy admins and ISPs who can’t be bothered to avail themselves of the available free virus scanners (not to mention the ample commercial offerings), is just silly, and exactly the sort of crap you’re complaining about in the behavior of some open source advocates.

Brock has more on this theme here.

Why Windows is so insecure

Kevin Drum has a lengthy post about his nightmare updating his Windows XP home system to fix the vulnerability exploited by the Blaster worm. At the end of the post, he writes:

POSTSCRIPT: Feel free to do all the Microsoft bashing you want in comments, but please don’t turn it into yet another tiresome Windows vs. Mac thread. Most of us Windows users actually have excellent reasons for our choice of operating system, and hearing about the alleged superiority of Macs for the thousandth time won’t change that. So please please please: just don’t do it. OK?

POSTSCRIPT 2: That goes for Windows vs. Linux too.

This is exactly why Microsoft operating systems and applications have so many security problems. No matter how bad it gets, Kevin is not going to switch to a competitor. You can bitch and moan all you want, Kevin, but as long as you’re giving your money to MS, they have no financial incentive to improve their software.

Obligatory disclosure: I’m president of the Memphis Linux user group, GOLUM. And before I became a Linux geek, I was a Mac geek.