Linked by Hadrien Grasland on Fri 14th Jan 2011 14:58 UTC, submitted by Debjit
GNU, GPL, Open Source "Steve Chang, the Chairman of Trend Micro, has kicked up a controversy by claiming that open source software is inherently less secure. When talking about the security of smartphones, Chang claimed that the iPhone is more secure than Android because being an open-source platform, attackers know more about the underlying architecture."
Thread beginning with comment 457953
To read all comments associated with this story, please click here.
Comment by AnythingButVista
by AnythingButVista on Fri 14th Jan 2011 17:11 UTC
AnythingButVista
Member since:
2008-08-27

The only "validity" I see in his speech comes from the fact that while in Linux security patches arrive quickly to the end user, in Android you have to wait not only for Google or someone else to patch the Android source, but then for your phone manufacturer and wireless provider to release said patch to end users. An exploit can take longer to get patched on a mobile phone so it can cause more harm than on desktop or server Linux.

Reply Score: 3

RE: Comment by AnythingButVista
by Neolander on Fri 14th Jan 2011 17:14 in reply to "Comment by AnythingButVista"
Neolander Member since:
2010-03-08

But that's not a flaw of the open-source model. Only one of the Android ecosystem.

Edited 2011-01-14 17:18 UTC

Reply Parent Score: 6

sorpigal Member since:
2005-11-02

More like a flaw in the support departments of the phone manufacturers. You can only hand the ready-made fix to Motorola, you can't force them to give it to their users.

Reply Parent Score: 4

kaiwai Member since:
2005-07-06

But that's not a flaw of the open-source model. Only one of the Android ecosystem.


Agreed hence I think the whole idea of calling 'Android' opensource is a giant fraud from top to bottom - to me 'open source' means grabbing a phone and upgrading it without the need to having install a 'root kit' just ot get access to a device that I paid for.

With that being said being open source doesn't automatically make it more secure any more than something being closed source making it automatically more secure.

Reply Parent Score: 2