Is Microsoft going out of business due to the source-code leak on Thursday: Not!
Im starting to wonder if the security industry has lost its mind. For most of the morning Ive been hearing security "experts" say that the leak of Microsofts source code is a huge exposure for the company.
These same security experts often favor Unix and Linux for secure deployments—both now Open Source products where virtually all of the code is available on the Web. This leak is embarrassing, sure, but life threatening? Please….
Lets take a deep breath and go back and look at the issue. Microsoft has been strongly anti-open source, arguing that widely distributing source code could result in security problems. But so far open source hasnt suffered from these types of problems.
Crackers have taken the path of least resistance. Its easier to create a virus or attack based on a security bulletin then to do the hard discovery work needed to identify the exposure from scratch. And thats regardless of whether the source code was "open" or not.
Microsoft was created in an era where people kept intellectual property close. The belief at that time was that secrecy provided better protection then a patent or copyright.
The premise was, and is: If only you knew it, then no one else could copy it. The act of patenting something, according to popular belief, could reduce your competitive advantage because others could duplicate what you had just by obtaining the patent.
Often that secrecy was part of the marketing campaign—the "secret Coke formula" or the "Secret Sauce." In Jacks case (from Jack in the Box), at least, it wasnt so special. It turned out to be simply Thousand Island dressing.
But that mystery ingredient let companies like Bayer sell generic products at premium prices. When it comes to cola, most cant tell the difference in a blind test between Coke and brand X. But theyll pay more for Coke because of a perceived taste advantage.