When we can no longer trust proprietary hardware or software, open source becomes the only option
July 22, 2013
Frankly, I can’t say I was surprised when I read that RIM’s BlackBerry 10 transmits user email account credentials to RIM servers, which then log into the account. Obviously someone at RIM thought this would be a good idea, but anyone who does anything that requires keeping email private — say, an executive discussing sensitive negotiation strategies with colleagues, or a doctor or other health care worker, or, well, just about everyone — should be appalled that RIM covertly collects their username and password, then logs into the account.
With the news about PRISM and other clandestine data-vacuuming operations in place all over the world, it’s clear there’s a problem. It’s not just about hoovering up information from millions of people — it’s the vast number of devices that can no longer be trusted for use in business and government. When the code running anywhere along a data path is not open source, there’s a chance it’s doing something you can’t know about and potentially transmitting data to someone who shouldn’t have it. That possibility should serve to upset even nontechnical executives, to say nothing about governments all over the world.
Last year I wrote about how easy it is to place backdoors within corporate networks using Swiss Army knife-type tools, but those still require someone to physically place them within a building or at least to be hooked up to a network jack. Wouldn’t it be easier for the spies to make sure the network devices you purchase, such as routers and firewalls, are already backdoored?
This goes well beyond the software or firmware layer. This goes straight into the chips themselves. The code on proprietary commercial firewall chips is unlikely to be accessible to security admins; even if it were, it’s unlikely they would be able or allowed to perform rigorous code audits.
I’m sure some extraordinarily sensitive organizations do this or take similar action for extraordinarily sensitive deployments, but you can bet that the costs explode. Vendors like Cisco aren’t going to let just anyone sniff around their IP unless it’s a huge contract. Even then, the vigilance must be maintained to ensure that every single device is running the very same code. All of this has to be done all the way up the stack, across every device that will touch the network.
Open source closes the backdoors
With open source, the veil is already lifted, and an army of developers inspects the code all the time. The potential for hidden backdoors is dramatically reduced. But that doesn’t really matter if you go deep enough.
Sure, you can install pfSense on a server and know it’s not backdoored, but what about the hardware within the server itself? What about the TCP offloading code in the NICs? Or the BIOS? It could contain a nefarious element that you simply can’t trust — unless, of course, all that code were open source as well.
Options for open source
At some point in the near future, concerns over this type of corporate and governmental espionage may force larger organizations to make hard decisions. There would seem to be three options.
- Companies could increase their IT budgets dramatically to counter this threat by validating every since piece of commercial code in use anywhere on the network.
- They could start building their own hardware and writing their own software, from desktop OS through to the ICs in their routers.
- They could turn to open source solutions the whole way around.
The first two options are not possible for the vast majority of organizations, but the last one certainly is.
Steele, Robert David (2012). THE OPEN SOURCE EVERYTHING MANIFESTO: Transparency, Truth & Trust. Berkeley, CA: North Atlantic Books/Evolver Editions.