Did someone forgot to mention Election Commission of India running on Windows Server using ASP.NET
On 9th March 2007 Election Commission of India Fixed (disabled parts of) their website to avoid XSS and SQL injection vulnerabilities after intervention of CERT-IN. The vulnerabilities were reported on 2nd of March to ECI and on 4th March to CERT-IN, for the following URL:
http://search.eci.gov.in/maps/eci_se2007/detailResult.asp
Still a bit of usually harmless data insertion is possible. The above script is used to display detailed results of a given constituency. It may have been running unprotected for maybe few months.
Had the ECI made the code GPLed, the vulnerabilities would have been detected much earlier.
Even if these acts are shameful, I still do not support the "Hall of Shame" rhetoric, but if the Govt Departments are working for Public they must open their code using General Public License.
Real Hall of shame is when Punjab Govt. spends lakhs on purchase of MS software for use in education at 10+1 and 10+2 level, where FLOSS would have been equally good (and same also for Sarv Sikhya Abhiyan).
----- CK Raju ckraju68@yahoo.co.in wrote:
http://puggy.symonds.net/pipermail/fsug-kochi-discuss/2003-August/000712.htm... "Sanghamitra ?!" CK Raju
Anilkumar K V achu.kulangara@gmail.com wrote: On 11/03/07, CK Raju, Thrissur wrote:
ATPS's contribution to Financial services are in public memory domain.
[I don't have any - and don't feel sorry about it.]
Raju,
It is not clear what you are trying to convey. Can you pleaseelaborate,
- Anil
Even if these acts are shameful, I still do not support the "Hall of Shame" rhetoric, but if the Govt Departments are working for Public they must open their code using General Public License.
You misunderstand the Hall of Shame "rhetoric". It is not about which site uses what technology to provider services. HoS is about not discriminating against users of these services. Critical websites like governments should be accessible by all, including users of FOSS software. That is all about our "limited" mission.
Whether a government site should proprietary technology or FOSS software is a different debate, and is not related to the Hall of shame effort.
BTW, I personally believe that FOSS software is not everything. You need to have FOSS content also. So even if we have FOSS software which is good, but not FOSS education material, what good would the software be to an education drive? Look around the education area, you would be a huge amount of teaching material already in place for these proprietary software. I don't blame the education drive too much right now for their decision. They can't help their students *now* by deploying FOSS and waiting for years for the teaching material to appear. The good thing is that there are many localized drives in India who are developing good teaching material. I believe Kerala was a pioneer in it, but I don't have any references to it right now. Once we have a worth 10+2 content in place, it would be difficult for any government to justify ignoring it.
- Sandip
-
Ajay Pal Singh Atwal -
Sandip Bhattacharya