Firewall Wizards mailing list archives

Re: Proxies, opensource and the general market: what's wrong with us?


From: Peter Robinson <peter () securegateway org>
Date: Thu, 28 Apr 2011 09:06:17 +1000

Hi there

This thread is just too good to not get involved.... :-)

I wrote this "article" in 2002 and at that time it was titled "Open Source and the virtues of the Crystal Box" as a 
parody on the virtues of Open Source security software vs closed source commercial security software...

In the "old days"... Some vendors would actually provide source code if specifically requested as, after all, this was 
"Security" software...

---------------
Once upon a time, in a cyberland, far far away.....

There lived a young Geeknight and his job was to secure the systems of the Corporate empire at the behest of King CISO.

He had access to all the finest commercial tools/weapons he needed but still failed to slay or deter the Dragons of 
Hack.

The Dragons wanted to steal information about all the citizens in the realm and were able to wreak havoc on the realm 
as they knew exactly how all the tools/weapons worked including the Drawbridge/"Wall of Fire"

The Geeknight realised that he needed more visibility of how his systems worked and so he asked the Lords of Supply to 
whom he paid vast sums of money to please provide the source code for the "wall of fire" he ran.
 
They grudgingly obliged and claimed they actually had the Realms of Corporate's best interests at heart. Soon, the 
Geeknight was able to quickly make modifications, apply patches and customise his "Wall of fire" to the specific 
requirements of his realm.

The Dragons of Hack had no idea what had happened when they next tried to invade the realm and were surprised to learn 
that even though he thought they understood how these systems worked they still could not penetrate the Realm of 
Corporate's new "Wall of fire".
 
The Realm was safe for many Internet Years until the Lords of Supply became greedy and decided not to allow the Young 
Geeknight access to the source code any longer just in case he gave it away free to other Realms.
 
They constantly forced the Realm to upgrade all the systems to newer versions by refusing to support the older ones 
(even though there was nothing wrong with them).

The Dragons of Hack (being industry professionals) also had access to these new versions and soon found they could 
resume their tyrannical onslaught of the Realm of Corporate.

The young Geeknight pleaded with his suppliers for visibility of his system so he could counter these attacks but they 
refused and once again the Realm of Corporate was regularly breached by The Dragons of Hack.
 
Realising he could not compete whilst constantly waiting for the Lords of Supply to upgrade his defences, the Geeknight 
turned to Open Source software which he obtained for free and after a few weeks of training he was able to build a new 
"Wall of Fire" totally to the realms of Corporate's specific requirements.

The Dragons of Hack were once again hapless but still determined.
 
But... King CISO of the Realm of Corporate became distressed. He could not understand why he had been paying so much 
for these services in the past and failed to see why his budget was now drastically reduced.

When he realised that he was no longer going to be wined and dined by the Lords of Supply and had lost the ability to 
simply prove his levels of diligence to the realm with a fat budget, he became angry with the young Geeknight and 
demanded an explanation. 

The Geeknight explained his dilemma but King CISO could not fathom that he could have the same levels of realm 
security without the fat budget. 

King CISO insisted the Geeknight remove the "free" systems and return to the expensive, Lords of Supply "supported" 
"Walls of Fire".
 
Being loyal to the realm he returned to the Greedy Lord of Supply and begged forgiveness. They forgave the Geeknight 
"at a cost" and King CISO got his Wining and Dining (relationship management) back along with his overinflated fat 
budget.

The Dragons of Hack soon returned and breached defences all around the Realm of Corporate, this did not deter King CISO 
as he could now again, prove his diligence to the Realm with a fat budget.
 
They all lived happily ever after except the young Geeknight who resigned his Knighthood in disgust and began his own 
start-up realm.com

-----------------

We've come a long way since then but we still seem to be losing this argument....
-----------------------------
Peter Robinson
peter () securegateway org
Securegateway.Org

There is nothing more difficult to take in hand, more perilous to
conduct, or more uncertain in its success, than to take the lead in the
introduction of a new order to things.  Niccolo Machiavelli




_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards