How long have you been working with Linux, and how did you get interested in it?
I've been working with Linux since sometime before v1.0. I believe it was in fact v0.99pl7. I had purchased it on a stack of floppy disks and it took a few months before it was fully installed.
At the time, I was responsible for the open source development on my college server. I knew even at the time that I would be involved with open source as my career, as it developed much more quickly than the DEC running Ultrix did, and offered a much wider range of software even at that time.
In your opinion, where does Linux need the most development at the moment?
In the security space, better government and vendor support, continued efforts to abandon legacy applications with no security in exchange for those that have been developed to be secure, as well as ongoing code auditing are probably at the top of the list of things that are currently needed.
Guardian Digital is focused on developing open source business applications with specific regards to security. This includes solving issues such as user privacy, "edge" security issues such as web, DNS, and mail services, code auditing, training, authentication, and access control.
Linux is already ahead of proprietary vendors in the areas of honeynet and honeypot research. Proprietary vendors have also acknowledged their open source counterpart in the areas of intrusion detection.
Security vendors are increasingly realizing that Linux is a viable platform for their own security products, and are shifting away from operating systems with licensing, stability, and security problems and porting their software to run on Linux.
What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?
Improved participation from end-users. Regardless of the application, operating system, levels of defense, it will surely crumble if it's not taken seriously by the trusted users.
Further, it's necessary for users to continue to build their knowledge of current trends and technologies. No longer is it possible to "secure" your network by purchasing a firewall and going home for the evening -- the internal network, publically accessible systems, and even the physical building must be secured.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.