Trusting Open Source for Production...
-
No, I understand.
@scottalanmiller has been bringing me over to the dark side. Which is apparently is actually the light side.
-
@scottalanmiller said:
@BRRABill said:
@scottalanmiller said:
Let's also compare MS Office to LibreOffice. I get every type of support for LibreOffice that you can get for MS Office plus more. Again, the real world examples hold up that open source encourages better and broader support options. Closed source just gives you... less.
I still have the "fear" that an open source product will just go away, where MS Office just won't.
Though since they decommission it, it might as well, right?
I don't follow. As we had discussed offline, open source cannot go away. It's literally impossible. The fear of going away is purely a closed source concern. You were confused about which was which when we were discussing this. Open source is the only means of protecting against the fear that you have. Commercial products that people are still using actually go away all of the time. Open source cannot. It is as simple as that.
A great example would be Office 2003. That software isn't supported or available for sale anymore. And while OpenOffice in it's old form isn't really there any more, it's been replaced by LibreOffice.
-
I've never called MS for support once in my entire IT career.
-
@travisdh1 said:
@BRRABill said:
I still have the "fear" that an open source product will just go away, where MS Office just won't.
Though since they decommission it, it might as well, right?
How can any open source product "go away"? Even if it's completely dropped from development, IE TrueCrypt, if it's a useful tool someone will pickup it up and continue on, IE VeraCrypt. Whereas if Microsoft decides to drop MS Office, you are up a creek and nobody will be working with the code anymore.
I know how it feels, but it's just feelings. Open source is much more likely to stick around long after the original developers are no longer around.
It's funny, TC was actually the product that he had brought up. I want to write a paper on the TC story because it is one of the best possible examples of why open source matters. TC was closed source, not open, and they vendor (we think) tried to make it go away. But accidentally let the code slip into the public domain and become de facto open source and the product was protected from the evils of closed source because the code owner attempted to hide which effectively gave up his code ownership.
TC shows how dangerous closed source can be and how open source is the only protection against those fears. No example could be better, really. You never know when a closed source company is going to have an agenda that you don't understand and take their product away because it suits some other purpose.
-
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
@scottalanmiller said:
Let's also compare MS Office to LibreOffice. I get every type of support for LibreOffice that you can get for MS Office plus more. Again, the real world examples hold up that open source encourages better and broader support options. Closed source just gives you... less.
I still have the "fear" that an open source product will just go away, where MS Office just won't.
Though since they decommission it, it might as well, right?
I don't follow. As we had discussed offline, open source cannot go away. It's literally impossible. The fear of going away is purely a closed source concern. You were confused about which was which when we were discussing this. Open source is the only means of protecting against the fear that you have. Commercial products that people are still using actually go away all of the time. Open source cannot. It is as simple as that.
A great example would be Office 2003. That software isn't supported or available for sale anymore. And while OpenOffice in it's old form isn't really there any more, it's been replaced by LibreOffice.
Not replaced. OO is still very modern and up to date and competes with LO. OO is developed by the Apache Group.
-
For those wondering where TrueCrypt went, it is now VeraCrypt as was mentioned above. Because the owners accidentally let TC fall into the PD it became de facto open source and got picked up and maintained instantly and audits continued making it still one of the most secure, most audited encryption suites out there. The open source project is hosted by none other than Microsoft themselves on CodePlex.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
@scottalanmiller said:
Let's also compare MS Office to LibreOffice. I get every type of support for LibreOffice that you can get for MS Office plus more. Again, the real world examples hold up that open source encourages better and broader support options. Closed source just gives you... less.
I still have the "fear" that an open source product will just go away, where MS Office just won't.
Though since they decommission it, it might as well, right?
I don't follow. As we had discussed offline, open source cannot go away. It's literally impossible. The fear of going away is purely a closed source concern. You were confused about which was which when we were discussing this. Open source is the only means of protecting against the fear that you have. Commercial products that people are still using actually go away all of the time. Open source cannot. It is as simple as that.
A great example would be Office 2003. That software isn't supported or available for sale anymore. And while OpenOffice in it's old form isn't really there any more, it's been replaced by LibreOffice.
Not replaced. OO is still very modern and up to date and competes with LO. OO is developed by the Apache Group.
oh, did they catch back up? I know when someone else took over the project for a while it went south, which is why LibreOffice even exists. I was unaware they had returned to parity, or near parity.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
@scottalanmiller said:
Let's also compare MS Office to LibreOffice. I get every type of support for LibreOffice that you can get for MS Office plus more. Again, the real world examples hold up that open source encourages better and broader support options. Closed source just gives you... less.
I still have the "fear" that an open source product will just go away, where MS Office just won't.
Though since they decommission it, it might as well, right?
I don't follow. As we had discussed offline, open source cannot go away. It's literally impossible. The fear of going away is purely a closed source concern. You were confused about which was which when we were discussing this. Open source is the only means of protecting against the fear that you have. Commercial products that people are still using actually go away all of the time. Open source cannot. It is as simple as that.
A great example would be Office 2003. That software isn't supported or available for sale anymore. And while OpenOffice in it's old form isn't really there any more, it's been replaced by LibreOffice.
Not replaced. OO is still very modern and up to date and competes with LO. OO is developed by the Apache Group.
oh, did they catch back up? I know when someone else took over the project for a while it went south, which is why LibreOffice even exists. I was unaware they had returned to parity, or near parity.
LO split off many years ago when Oracle bought Sun and got OpenOffice with the purchase. Oracle was not maintaining it well and so a group split off to form LibreOffice to protect OO from Oracle. The two were and have been developed in parallel ever since. Oracle immediately realized what they had done and donated the OpenOffice project to the Apache group who have run it for a very long time now. OO and LO now compete but there is talk of merging them as they are ideologically aligned.
-
One of the examples that I had used about why closed source was risky... Microsoft used to have a couple different operating systems including DOS and Xenix. Both were closed source and both did not fit into the Microsoft "world view". Neither is available today, in any form. Just gone.
IBM, likewise, did the same thing with OS/2 which was an extremely popular operating system.
Also BeOS, an independent operating system was closed source and when the company failed the OS and the entire ecosystem collapsed as there was no way to update, patch or maintain the system.
Closed source encourages "dead ends" in code. And even the vendors you feel like you can trust, Microsoft, IBM, Google, etc. shut down projects and products all of the time. It's a very false sense of security to feel that MS will not stop making or supporting products that no longer make sense to their bottom line. MS is a business and supporting old software is extremely expensive. And often old software isn't just expensive to maintain but might actively compete with newer products (which is why Xenix was killed off.)
-
@scottalanmiller said:
For those wondering where TrueCrypt went, it is now VeraCrypt as was mentioned above. Because the owners accidentally let TC fall into the PD it became de facto open source and got picked up and maintained instantly and audits continued making it still one of the most secure, most audited encryption suites out there. The open source project is hosted by none other than Microsoft themselves on CodePlex.
Hey that looks just like TC.
-
Another great example... at NTG we were one of the first ten Microsoft Small Business Accounting customers, and the very first to work with SBA and ADP for payroll integration. We used every SBA version from the first to... the last. Microsoft killed it off. It only ever had about three releases. It was a good product, far better than QB which was the only competitor at the time. We invested heavily in it and were "all in" in the Microsoft ecosystem using the products that they recommend and we were left dead in the water with no accounting package.
Not only was this a mainline MS product, it was a core part of the MS Office family. Microsoft most certain kills off products and few could be as high profile and critical from a non-server perspective as killing off the accounting and financial member of their MS Office family! If they were willing to discontinue SBA suddenly, nothing is safe.
-
@BRRABill said:
@scottalanmiller said:
For those wondering where TrueCrypt went, it is now VeraCrypt as was mentioned above. Because the owners accidentally let TC fall into the PD it became de facto open source and got picked up and maintained instantly and audits continued making it still one of the most secure, most audited encryption suites out there. The open source project is hosted by none other than Microsoft themselves on CodePlex.
Hey that looks just like TC.
Mostly, it is. Some newer encryption options is about the only difference.
-
@travisdh1 said:
@BRRABill said:
@scottalanmiller said:
For those wondering where TrueCrypt went, it is now VeraCrypt as was mentioned above. Because the owners accidentally let TC fall into the PD it became de facto open source and got picked up and maintained instantly and audits continued making it still one of the most secure, most audited encryption suites out there. The open source project is hosted by none other than Microsoft themselves on CodePlex.
Hey that looks just like TC.
Mostly, it is. Some newer encryption options is about the only difference.
Does it support booting in UEFI based OSes yet?
-
@Dashrender said:
@travisdh1 said:
@BRRABill said:
@scottalanmiller said:
For those wondering where TrueCrypt went, it is now VeraCrypt as was mentioned above. Because the owners accidentally let TC fall into the PD it became de facto open source and got picked up and maintained instantly and audits continued making it still one of the most secure, most audited encryption suites out there. The open source project is hosted by none other than Microsoft themselves on CodePlex.
Hey that looks just like TC.
Mostly, it is. Some newer encryption options is about the only difference.
Does it support booting in UEFI based OSes yet?
I don't think so, at least not yet. I'm not sure that they are trying to get a UEFI key from Microsoft or not.
-
I think that pretty typically people are using it on data partitions and not on boot ones. Keep all data secured in one place but not worrying about the OS itself.
-
I searched their site but found no reference to UEFI supported or otherwise.
-
I always thought TrueCrypt was for File Level encryption rather than FDE.
-
See in my craziness I like FDE because I'm always worried about what products leave behind.
-
@Jason said:
I always thought TrueCrypt was for File Level encryption rather than FDE.
TC supported FDE Through at least XP if not through 7. But I know it never supported Windows 8/8.1 etc.
-
What timing... Microsoft "pulls a TrueCrypt" with Windows 7. You thought it couldn't happen with Microsoft? It just did.
Remember, it is closed source that allows this to happen. Open Source is protected from this kind of thing.
http://www.forbes.com/sites/gordonkelly/2016/01/02/microsoft-windows-7-problems/