Linked by Thom Holwerda on Thu 26th Oct 2006 21:05 UTC
Privacy, Security, Encryption

Alan Cox, one of the most respected figures in the UK open source community, has warned of complacency over the security of open source projects. Speaking to delegates at London's LinuxWorld conference on Wednesday, he emphasised that considerable sums of money were being spent to try and hack into open source systems. And he cautioned that many open source projects were far from secure. "Things appear in the media like open source software is more secure, more reliable and there are less bugs. Those are very dangerous statements," Cox said. My take: Agree wholeheartedly. Security complacency, often seen in OSNews' comments sections, is very, very dangerous.
Here's my take on this....
by Phloptical on Fri 27th Oct 2006 23:14 UTC

And I'm sure you all will correct me if I'm wrong, but this is the thing.

It is my opinion that any open source software has the potential to be exponentially more secure than any closed source code. I think of it in terms of numbers...there will be far more developers looking to create/debug/fix code than people looking to hack it. Also, open source code isn't looking to attract sales dollars. So there's no push to make aggressive deadlines because of the commitment to the bottom line. When that happens, I believe that's when the buggy code gets released.

When you have closed source code, there's a finite number of individuals involved in the programming and they are being pushed by upper management to create so they can sell. There's a commitment to quality, but I'll tell you from a manufacturing background that when push gets to shove quality will take a backseat more often than not. Comparing to the open source community, closed source code only has users who have paid for the software and are expecting it to perform a certain way. There's no community trying to make things better, and when the code gets released to the public the parent company disbands the majority of the original group of developers to have them work on other projects.

So that's the spiel. Long story short, the benefits of open source should outweigh the liability of allowing everyone access to the raw code.

Reply Score: 1