No Heartbleed here!

April 15, 2014

There is much scratching of heads and some panic in some IT circles following revelations that Open Source (a posh name for free) software isn’t as secure as it could be.

A new vulnerability called Heartbleed potentially allows hackers access to confidential information. Expert Agent isn’t affected.
Web Sites and Web Based Software like Expert Agent run on one of two systems.

We chose the expensive Microsoft route.

The software costs a fortune, the support costs a fortune but, if it breaks, there’s always someone to shout at and there’s always a solution.
The other route involves “Open Source” software – products designed and developed by a community of users. There’s no monetary relationship with a supplier and little consistency or continuity.

Open Source software is just downloaded. There are often multiple versions of each release – each tweaked by a particular developer or development team to suit a particular need. So, imagine your BMW wasn’t produced in a shiny Munich factory but in spare bedrooms all over the world by hobbyists. If you don’t like the dashboard layout, just change it and upload it for others to use. However, be careful not to download the version that replaces your diesel engine with a clockwork motor!

Every time we sign a cheque for a new server or Microsoft software licence, there’s always a sharp intake or breath and a reflection on whether we made the right decision ten years ago. Incidents like Heartbleed just confirm that we did.