“To begin with, the Red Hat software in question is its Web
clustering product, called Piranha, which ships with Red Hat Linux
6.2. Piranha itself is a version 0.4.12 product. In other words,
the developers are unashamedly communicating the fact that this
product is less than half finished. In contrast, the alleged
Microsoft back door was found in Windows NT 4.0’s Internet
Information Server version 4.0 with FrontPage 98
extensions….”
“Now let us turn our attention to the timeliness with which the
problems were solved or workarounds were supplied. On the one hand,
Red Hat discovered and corrected its problem almost immediately
after the product in question was released. Linux fanatics
naturally want to attribute this quick response time to the
benefits of open source. However, I suggest to you that Red
Hat was simply the accidental beneficiary of an unexpected side
effect of the malicious back door — the fact that you can’t
actually use Piranha until you discover and fix the problem.”
“Microsoft also isolated and fixed its problem soon after it was
reported. According to CNet, a Microsoft spokeswoman said, “After a
pretty thorough evaluation, it was clear that it was a security
issue with FrontPage 98 and FrontPage 98 extensions, and we figured
out at the same time there was a very simple fix: removing the
single file [DVWSSR.DLL].”
“After an even more thorough examination, Microsoft said there
was never a back door problem to begin with. Unfortunately, since
the Microsoft software is closed source code, we have no way to
independently verify which thorough examination yielded the correct
results. (This, if I recall correctly, was the point of my original
column on this topic.)”