[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

RE: [school-discuss] Open/Disclosed Source &c



Joel,

An article that I handout to my students, presents the following scenario:

"Would you, while travelling far from home, take medicines of an unknown brand given to you by a self-proclaimed “doctor”, without documentation, and hence without (independent) assurance about the nature and proper working of the ingredients?"

The article is titled "Increased security through open source" and you can find it online here:
http://arxiv.org/PS_cache/arxiv/pdf/0801/0801.3924v1.pdf

Though, I think that I first saw it in ACM's Communications.

My experience is that, for most students, it is a good introduction into security issues related to open source software. And with the help of a few discussion questions can spark a lively classroom discussion.

I suspect that many other teachers would find the article useful as well.

Let me know what you think,
Uno

> Date: Sun, 19 Apr 2009 12:56:08 -0700
> From: jj2kk4@xxxxxxxxx
> Subject: [school-discuss] Open/Disclosed Source &c
> To: INTERDIS@xxxxxxxxxxxxxxxxxxx; schoolforge-discuss@xxxxxxxxxxxxxxx
>
>
> As usual, I don't know how many of you follow the
> Freedom-To-Tinker blog--so here is a fairly recent
> item on the status of some FLOSS concepts in the
> never-ending mess with e-voting:
>
> http://www.freedom-to-tinker.com/blog/dwallach/open-source-vs-disclosed-source-voting-systems
>
> Here is one part of the article that I think goes
> to the heart of the philosophy underlying FLOSS:
>
> "Disclosing the source code only results in a
> complete forfeiture of the software's security
> if there was never any security there in the
> first place. If the product is well-engineered,
> then disclosing the software will cause no
> additional security problems. If the product is
> poorly-engineered, then the lack of disclosure
> only serves the purpose of delaying the inevitable."
>
> One of the responders to the article also expresses
> the fundamental point rather well:
>
> "When bad guys discover secrets, they keep quiet.
> They reuse the secrets or wait for a great
> opportunity to exploit. If most secrets are being
> discovered by black hats, most secrets will stay
> hidden from public view and will be used to
> compromise election after election or at least
> important elections. When white hats find flaws,
> they make noise, the result being that security
> bloopers get rooted out much quicker."
>
> It seems to me that high school students (soon to be
> old enough to vote) and college students ought to be
> exposed to these ongoing techno-political debates.
> What would be the best ways for teachers in the fields
> of computer science, social studies, &c (as many areas
> as possible) to collaborate in the construction of
> relevant inter-disciplinary curricula? Of course (as is
> usual with high-tech topics), some of the students will
> be more knowledgeable than some of the teachers--but
> that can be a plus *IF* it is handled right.
>
> Joel
>
>
>
>


Windows Live™: Keep your life in sync. Check it out.