Do you know what your source code is up to?
Jester, Campus Web Administrator
a report last week about
Microsoft having a backdoor password in IIS Web servers
running FrontPage 98 server extensions. It turns out the
report may have been incorrect, however the fact that
such an incident could have occurred only strengthens my
views on the importance of the Open-Source society. That is the exact reason that I choose to run open-source Web
servers such as Apache whenever possible. Obviously, no
piece of software is completely secure or bug-free, but
when the source-code is freely viewable it helps to
diminish the possibilities of a programmer inserting
back-door passwords and helps increase the likelihood
that bugs in the software are discovered before they can
I'm not trying to completely knock
Microsoft's products, but you have to consider the
following when you're in charge of a Web server:
- How important and sensitive is the
data that you are trying to publish?
- Are you truly willing to trust
that data's security to a piece of software that
has very few checks and balances from the general
I think I've made my stance on that
issue pretty clear. There's no question that commercial
Web servers such as IIS as very popular and oftentimes
the easiest to set up and maintain. However, that doesn't
always make them the right choice.
Until next time.....
For more information, see The American Prospect:
Vol 11, ISS 10. March 27, 2000 - April 10, 2000. After
Microsoft: The Open-Source Society
and "Finland -- the open-source society" in Salon.com.