Page One

Campus Computing News

Summer Computing Hours

Do you have something to sell?

Lab-of-the-Month: The COM Lab

Renew PRAS Accounts for the Summer

Today's Cartoon

RSS Matters

SAS Corner

The Network Connection

List of the Month


Short Courses

IRC News

Staff Activities



Do you know what your source code is up to?

By Shane Jester, Campus Web Administrator

There was a report last week about Microsoft having a backdoor password in IIS Web servers running FrontPage 98 server extensions. It turns out the report may have been incorrect, however the fact that such an incident could have occurred only strengthens my views on the importance of the Open-Source society. That is the exact reason that I choose to run open-source Web servers such as Apache whenever possible. Obviously, no piece of software is completely secure or bug-free, but when the source-code is freely viewable it helps to diminish the possibilities of a programmer inserting back-door passwords and helps increase the likelihood that bugs in the software are discovered before they can be exploited. 

I'm not trying to completely knock Microsoft's products, but you have to consider the following when you're in charge of a Web server:

  • How important and sensitive is the data that you are trying to publish?
  • Are you truly willing to trust that data's security to a piece of software that has very few checks and balances from the general Web community?

I think I've made my stance on that issue pretty clear. There's no question that commercial Web servers such as IIS as very popular and oftentimes the easiest to set up and maintain. However, that doesn't always make them the right choice.

Until next time.....

For more information, see The American Prospect: Vol 11, ISS 10. March 27, 2000 - April 10, 2000. After Microsoft: The Open-Source Society and "Finland -- the open-source society" in