Linked by Mark Tolliver on Thu 13th Sep 2007 08:14 UTC
Editorial: The widespread acceptance of open source continues to grow as a cost-effective alternative to traditional network deployments. Well-known projects such as Linux have proven themselves in the enterprise environment, helping to dispel the fear, uncertainty and doubt preceding open source implementations. In the past two years, the industry has begun to shift from a total dependence on proprietary applications to a desire for more cost-effective, scalable and collaborative solutions.
Security and OpenSource
by kaiwai on Thu 13th Sep 2007 16:48 UTC

People like to poke at Apache and other projects - I think one thing people need to realise is this: these projects are developed in the open and under constant scrutiny by end users, developers and detractors alike.

Unlike Microsoft, IBM or any other large software company - these projects don't have the luxury of being able to hide things when problems are found. Who's to say, for example, that in Microsoft Windows, there aren't thousands upon thousands of bugs that are confirmed and verified but, due to the lack of any motivation by management to allocate resources, these issues simply remain unfixed until such time as all hell breaks loose, as in the case of 'Code Red' and 'Blaster'.

As a company owner, would you rather have full disclosure about the possible risks with your software OR would you rather have a software vendor lie to you about the true status of the software security - and worse still, who's to say that, for example, there isn't a bitter and jaded employee who decides to disclose that list of vulnerabilities to a group for a set price. It might take a month before this is known by the parent company - and your software might be infected by then. Hardly what I would call 'secure computing'.

Open source, as I see it, is like the individual that is too honest; sure, he is honest, everyone knows of his past, but at least you feel secure knowing the full details vs. another individual who is secretive and you never know what he is trying to cook up behind the scenes. You know what you're getting in the first scenario, it's straight up and down honesty. The second, would you really trust them?

Reply Score: 4