Linked by Thom Holwerda on Tue 19th Jul 2005 19:23 UTC, submitted by Just_A_User
On Tuesday, code-analysis software maker Coverity announced that its automated bug finding tool had analyzed the community-built operating system FreeBSD and flagged 306 potential software flaws, or about one issue for every 4,000 lines of code. The low number of flaws found by the system underscores that FreeBSD's manual auditing by project members has reduced the vulnerabilities in the operating system, said Seth Hallem, CEO of Coverity.
Thread beginning with comment 6535
RE: the shape of things to come
by on Wed 20th Jul 2005 00:00 UTC in reply to "the shape of things to come"


<SNIP> "Open source apps definitely have fewer statically identifiable problems than does proprietary software." <SNIP>

I'm sure I'm not the only one who would LOVE to see you back this statement up with facts, but I'm quite confident you will never be able to do so, because you can't get a proper set of proprietary software samples, no matter how hard you try, to prove or disprove this statement/theory. Until you can actually analyze a statistically meaningful amount of proprietary code, this statement is purely ideology-driven: there's no proof that either proprietary (not open for public analysis) or open (available for public review) code has a better overall error rate.

For as many publicly known and well-designed/implemented chunks of Open Source, there's a huge number of Open Source applications (far more than the good quality ones) that would tilt the numbers in a negative way. Hopefully, though, those poorly written applications rightfully earn their Darwin Awards before they become known outside of a very select few victims and their creators. So, too, it'd be best if that happened with really bad proprietary software, but at least it's easier to trace the comings and goings of publicly released proprietary software (and there's a lot that isn't released to the public! A lot of that is mission critical and specialized to that user) because there's usually press releases and marketing, while most OSS stuff is word-of-mouth until some distributor like Red Hat decides to throw it on their wares.

So, in summary, proprietary code cannot be assessed on the whole as being inferior in quality to Open Source Software, or the other way around, because it is practically impossible to get enough data to prove or disprove the debate one way or the other. Any claims to the contrary are pure wishful BS, along with 77.5% of statistics that are made up on the spot.

Reply Parent Score: 1

RE[2]: the shape of things to come
by on Wed 20th Jul 2005 05:20 in reply to "RE: the shape of things to come"

Well, as the story title says, "...possible bugs...". So I'm not really certain how useful this story is. If we had tools that could prove bugs over and above what we normally use, then I would think we would all be using them, and BSD and GPL alike would benefit. So no, "thousand eyes...all bugs shallow" must still remain in the land of "feel-good" slogans.

Reply Parent Score: 0