[liberationtech] New IT security measures underway

[Jonathan Wilkes]

On 02/03/2014 06:09 PM, John Adams wrote:

[...]

> Additionally, your statement of: "Closed-Source software cannot be 
> secured" -- I prefer open source software but I disagree that it 
> cannot completely be secured. It depends only on the motivation, 
> financial resources, and merit of the company attempting to secure 
> said software. Just because you don't happen to get a look at the 
> source code doesn't make this a definitive statement. There are 
> numerous examples of commercial software being immensely hard to defeat.

I don't know the name for it, but there's definitely a misleading (or 
misled) rhetorical device in the paragraph above.  I see it everytime 
someone mentions the truism about free software being the obvious 
foundation for security software.  I'm not a security expert so let me 
explain with an analogy:

Because of an injury, Django Reinhardt only used two fingers of his left 
hand to play guitar.  He's a pioneering jazz guitarist.  That's a pretty 
cool anecdote.

On an unrelated note, go to any serious guitar studio and you will find 
that students are taught to use more than two fingers when trying to 
master the guitar.  There isn't a guitar teacher in the world that would 
knowingly limit his/her students to develop with _fewer_ resources than 
they actually have.

But I bet if there were a large number of guitar teachers who-- for 
historical reasons-- had tragically been taught to play with only two 
fingers, they'd constantly be reminded everyone else that you _can_ 
indeed become a great guitarist even with a horrible technique.  That'd 
be a detriment to guitar pedagogy, as I believe it's a detriment to 
creating and maintaining security software.

-Jonathan