Clarifying OSS Misconceptions

The DoD already uses some open-source products. This new memorandum is meant to provide guidance on the use of OSS and to clarify some misconceptions. According to the DoD, these misconceptions have hampered "effective DoD use and development of OSS."

One of these misconceptions is that the DoD would have to distribute any changes made to the OSS code. In reality, most open-source licenses permit users to modify code for internal use and these organizations only have to make the changes public if they distribute the code outside of their organizations.

It's good to see the government embrace open-source software - though some members of the open-source movement will feel a bit queasy about the DoD using their software. Just last week, the White House website became a Drupal site and hopefully other branches of government will follow the DoD's lead and embrace open source as a valid means of acquiring and developing software.

DOD Open Source Rules

USB drives, as well as all removable storage devices, can run a program automatically on your machine based on the computer's configuration.

While Autorun is featured in Windows OS as a convenience, you do have the option of disabling it, particularly as an unfortunate side effect can be the loading and executing of programs on your PC without your knowledge.

Autorun and AutoPlay

There seems to be a little confusion about the differences between AutoPlay and Autorun so we've defined them here:

AutoPlay

AutoPlay is a Windows feature that lets you choose which program to use to start different kinds of media. You can change AutoPlay settings for each media type.

Autorun

Autorun is a technology used to start any program automatically when you insert various media into your computer. While different from AutoPlay, the result is typically the same: when inserted, a specific program on the external device runs automatically.

While you cannot modify the Autorun.inf file on the external device you plug into your machine, you can stop it from executing on your computer by modifying your registry.

To modify the registry setting, Microsoft has set up a page to help you determine which updates you will need, and then offers step by step instructions on how to disable Autorun. You can find it here.

Even though disabling of Autorun seems a relatively painless process, clearly it isn't enough to soothe the Defense Department or security experts.

Shachtman, in his Wired article asked Ryan Olson, director of rapid response for iDefense whether banning external devices was "a bit of over-kill," and received the answer "I don't know." Although, Olson did offer: "The USB ban should be effective in stopping the worm."

Perhaps the Defense Department should have taken its lead from what has been drummed into home computer users over the years; that is, use anti-virus software and keep your definitions up to date.

What do you think?