The German IT security watchdog has issued a warning about a large number of e-commerce web sites that are (allegedly) infected with malware.
Commercially focused firms have been quick to piggyback on this statement with what may be mere scaremongering to suggest that the e-commerce software at the heart of this problem is open source. Allegations have been made relating to failures having come about due to fewer “patch and update” processes being carried out in open source compared to commercial software.
Chief among the commentators here is Philip Lieberman, president and CEO of Lieberman Software. Lieberman’s firm produces (surprise, surprise) identity management and security management technology, so he is understandably keen to extoll the virtues of proprietary software.
So is Lieberman out to merely scaremonger and bash open source development?
The malware that has caused the German regulator to issue its warning, says Lieberman, takes advantage of outdated software of all types, with the end result that visitors to the various affected sites are being routed via drive-by download infections — something which can have a serious effect on the brand of the company whose web portal is infected.
Lieberman has clearly used the German watchdog’s broad brush warning to make a sharp angled comment aligned toward the effectiveness of his own products at the expense of open source’s general reputation.
No more specific details of the open source e-commerce software at fault was provided by the German ombudsman or indeed Lieberman.
To his credit, Lieberman does make the final clarifying point.
“You’d think the moral of the story here is to go for commercial software over open source, but the reality is that unless the company keeps its systems and software patched and fully up to date, its system security is going to be impaired — no matter what software it has installed on its systems,” he said.
Hmm, Oktoberfest is around the corner, I wonder if those Germans are hitting the Hoffbrauhaus a little too soon?