Integrity at Stake

Dan Geer's dismissal from security firm @stake may have seemed a good idea at the time to placate Microsoft, but it showed Dan's commitment to what he had helped researched to be the truth about the monoculture that Windows has created. This wasn't a personal attack, nor was it jealousy, nor indeed some open source ploy for some cheap points off Microsoft - it was a security professional with over 30 years of security research experience performing some thinking and research into the security problem of today. eWeek's Integrity at Stake discusses how this may backfire on @stake - they can be seen to be lacking integrity by having a company policy not to mention security problems their customers may have, and thus may not be providing the best service to all their customers. ``If patients suspect that a doctor is prescribing medication not because patients need it but to maintain a good relationship with a drug company, that doctor's practice would justifiably suffer. In IT security, the same principle should apply: The burden of proof is on those whose livelihood depends on the trust of others.''