Insecurity in Open Source

Submitted by srlinuxx on Thu, 10/05/2006 - 23:44

Debates over what methods result in the best software often pit those who favor an open-source approach against proponents of proprietary, or closed-source, development. Conventional wisdom holds that open-source software should have fewer security flaws than proprietary software. With more eyes able to look at the underlying source code, bugs should be found and squashed much faster.

But when software security and quality really matter—like crossing the Atlantic on a jet airliner—trust me, you want to fly proprietary.

That conclusion is based on my company's involvement in testing of software security and quality. Working with the Homeland Security Dept. and Stanford University, my firm, Coverity, has closely analyzed 50 of the most popular open-source software projects, scanning more than 20 million lines of code daily. We publish those results here on the Web.

BUG TO BUG COMPARISON.

Full Story.

»

Security requires some privacy ?

Submitted by atang1 on Fri, 10/06/2006 - 02:46.

Security requires some privacy; so that hackers do not know where you hid the files.

Fifteen years ago, we developed the security in our software with a movable FAT table. Using virtualization, the Fat table moves out of the designated area just ahead of any search. Its been able to lock down our software all these years. No one(including our own people) was able to hack the codes.

When we want to change software, we use a new computer and use packet converters to redirect the packets to the new computer. We have been doing this now since 1994.

Try and figure out how we did it? Hint: first virtualized operating system is the bios? Then it was shadowed. Random number generator is involved.

Most open source software is better

Submitted by srlinuxx on Mon, 10/09/2006 - 19:02.

That's one honest way you can spin a Business Week column, published Friday, written by Coverity CTO Benjamin Chelf.

That's now how Business Week spun it, however. "Insecurity in Open Source" is their headline.

The story is that Coverity ran 50 open source projects through its bug-checking system, as well as products from 100 proprietary makers.

"On average, open-source software is of higher quality than proprietary software," Chelf wrote. But 11 of the 15 top-rated programs were proprietary.

Chelf said one unnamed proprietary product in aerospace had one-fifth the number of bugs as any open source product out there. But here's the thing. He can't say which one.

Full Blog.

----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.