I noted this week that IT expert, Francis Maude, has told us in the industry that Open Source is the future. One wonders which accreditor is going to support that approach?
Certain things make sense in open source. Productivity solutions such as Open Office. Appliance Operating Systems maybe. But one has to wonder at quite how this will work in the IA space for security solutions. How on earth can you validate the source code when the chap who wrote it doesn’t get up until late afternoon? And if it’s open to interpretation and modification, who’s to say it hasn’t been messed with by the bad guys?
I’m all for the work of the Cabinet Office ERG, and we’re big fans of Owen Pengelly here, but this looks like a negotiating ploy to me. By all means chaps, save the purse some cash, but don’t do it and put everyone’s hard work to date in the IA space at risk at the expense of a few quid?