Digitalquill

My Life and Times by Matt Houldsworth

Linux and open source is inherently insecure

The title of this blog post will be a scandal in many people’s eyes; however, I will justify what I mean later in this post.

In technical circles there are many who continually bash the big commercial software companies (Microsoft, Apple, Adobe and so on) for producing software that contains bugs and security flaws, and to some extent rightly so: in an ideal world, software that is released would be perfect. However, this is almost impossible to achieve.

I am currently recovering one of my servers from another hack, and as you may have gathered from the subject of this post, this server was not a Windows server but a Debian Linux server. While trawling through the logs trying to find how and where they got in, I started to think: I have four dedicated servers, two Microsoft (Windows 2000 and Windows 2003) and two Linux (Debian and Ubuntu 8.x), and you know what? The Linux boxes have been hacked more times than I care to count, and to date the Windows boxes have never been hacked; they have been subjected to a denial of service (DoS) attack but never actually hacked.

This is not due to the use of the servers either; all my servers are used for similar things. Indeed, the Windows boxes host more websites in total than the Linux ones.

You are going to come back and tell me that with the move to Ubuntu, Debian is no longer recommended or being actively developed, and that Ubuntu 8.x is old, and you would be completely right; however, Windows 2000 is 10 years old, much older than the version of Debian I am using, and is in much the same situation. One cannot be expected to move hundreds of websites simply to upgrade from a distro that the open source community has chosen to drop.

As a project manager on a large software development project (circa £3 million) I know very well the problems faced by software companies in producing fault-free software. There have been many times when we have released a new version of our software only to find that a change to feature Z has actually broken something in feature A that we developed 3 years ago. It is the inherent problem with large software projects: maintaining the balance between testing and actually getting the software released.

Risk management is key; we operate a system where the company-critical aspects of the software have more rigorous testing than the bells-and-whistles functions that, if broken, would not jeopardise the running of the company.

I therefore recognise the difficulties faced by both software companies and the open source community; however, in our little software development team we have to answer to the company board as to why we have released buggy software. Fortunately for us, our Managing Director understands these difficulties.

Open source software has no commercial liability

Open source software has no commercial liability to keep it in check. By this I mean that the large software companies such as Microsoft have a commercial standing to maintain, shareholders to answer to and balance sheets to tally. If they release bad software, all of that is put in jeopardy and their commercial standing is damaged, and as such they will do everything in their power to ensure that their software is as faultless as possible and, when faults are found, that they patch them.

Open source software has no such commercial checks to keep it in line, and the very nature of community development results in a free-for-all, with no management or corporate responsibility keeping it in check. This results in software that may be fantastically feature-rich and clever but just does not deliver a secure and stable environment now, let alone in the future when the community chooses on a whim to drop that particular distro.

As both a web master and a web host, security is the most important aspect of my business. Downtime for servers costs money; I am therefore considering my strategic position at this time.

It is something that I have often said: open source is not free, and perhaps the cost of the Windows server licence is actually worth it in comparison to the cost of the downtime.

Simply because it is free just does not cut it anymore. If Linux and open source are to reach the standing that they want, if they are to take a larger proportion of the desktop market, and if they are to continue to establish themselves in the web hosting and server industries, they need to become rather more commercially aware and commercially structured to deliver the stable, secure systems that corporations and businesses require.

A Return to blogging

Well, it has been some time since I last posted, and during that time a lot of water has gone under the bridge. It was back at the end of February last year that I wrote my last blog post on this site. Shameful, I know, but I have been battling against Google and others for the whole of that time.

This and my other blog, Earning From Affiliates, were hacked and links to spyware were added to the bottom of some of my sites; I assume this was some form of SQL injection attack on a vulnerability in WordPress.

As soon as I found this problem (hours after it happened) the site was cleaned, repaired and WordPress upgraded to fix the vulnerability; however, by that time Google was showing a warning about the sites. No problem, all I should need to do is use Google Webmaster Tools to contact Google and ask them to re-check the site and remove the warnings. No… not that easy at all; emails and messages to Google went without a response. Weeks turned into months and I got fed up with the mess and was about to simply bin the sites when I thought I would have one more try, and what do you know, the warnings were removed and all is now back to normal running.

It has meant that the sites have been without updates for so long that their readers have probably long gone, and any ranking in Google or other search engines has been damaged, if not set back to zero, so I am effectively starting afresh, although I do have the advantage that both sites still have their content, which is all self-written, unique content.

I have been busy over the last year: I was married in August to the wonderful and beautiful Cheryl; she and our daughter Eva are my life.

I have also been working on other projects, mainly software projects relating to affiliate marketing, which have been much more successful than I could ever have hoped.

I will post more details about those projects in the coming days, but for now I just wanted to add a note to say I am back and I will be trying to find the time to post regularly and put some effort into these sites.