Language Selection

English French German Italian Portuguese Spanish

Open Source vs. Windows: Security Debate Rages On

Filed under
Microsoft
OSS

It's a topic of fierce debate among high-tech cognoscenti: What's more secure -- "open source" code such as Linux and Apache, or proprietary "closed source" operating systems and applications, Microsoft's in particular?

The regularity with which Microsoft has taken to announcing vulnerabilities and consequent software fixes has left few cheering about its security. In contrast, high expectations endure for open source, with proponents arguing that it's inherently more secure because a much larger set of developers can read the code, vet it and correct problems.

"I'm struggling to think of anyone who would argue the other way," says Adam Jollans, chief Linux technologist at IBM Latest News about IBMSoftware Group.

"Discovery is different in the open source and closed source approach," Jollans says. "Because source code is visible to lots of people, if there is a security issue, it tends to be spotted earlier. The open source community isn't shy about criticizing bad code."

Thus, open source developers are "more able to respond quickly and to use new and more secure techniques. Because they perform for peers' kudos, this, too, behooves them to perform well," Clarke says.

"Open source development is centered around operating systems designed many years ago with security and Internet connectivity as a base requirement," he adds.

Open source is foremost an "ethos" that "is precisely the best social environment for the best development of anything," Clarke maintains. "By contrast, the principle culprit of poor security, Microsoft, has several major issues with producing secure code."

Microsoft seems lax to security threats," says Robert Swiercz, managing director of the Portal of Montreal, the city's Web site. "I have less and less ability to trust them." He, too, expresses confidence in the open source community, saying, "This is where the solutions are coming from."

However, some call these assumptions into question and assert there's a lack of accountability in fixing open source. A number of research firms are ready to puncture the belief that open source is by its very nature superior.

Other I.T. managers say they like a lot of open source security tools and applications but corporate policies prevent them from using them.

"We don't do open source because my lawyer says there's no one to sue," says Phil Maier, vice president of information security at Inovant, Visa's technology deployment division. "The lawyers had the final say."

Full Article.

More in Tux Machines

Leftovers: Software and Games

Hardware With Linux

  • Raspberry Pi's new computer for industrial applications goes on sale
    The new Raspberry Pi single-board computer is smaller and cheaper than the last, but its makers aren’t expecting the same rush of buyers that previous models have seen. The Raspberry Pi Compute Module 3 will be more of a “slow burn,” than last year’s Raspberry Pi 3, its creator Eben Upton predicted. That’s because it’s designed not for school and home use but for industrial applications. To make use of it, buyers will first need to design a product with a slot on the circuit board to accommodate it and that, he said, will take time.
  • ZeroPhone — An Open Source, Dirt Cheap, Linux-powered Smartphone Is Here
    ZeroPhone is an open source smartphone that’s powered by Raspberry Pi Zero. It runs on Linux and you can make one for yourself using parts worth $50. One can use it to make calls and SMS, run apps, and pentesting. Soon, phone’s crowdfunding is also expected to go live.
  • MSI X99A RAIDER Plays Fine With Linux
    This shouldn't be a big surprise though given the Intel X99 chipset is now rather mature and in the past I've successfully tested the MSI X99A WORKSTATION and X99S SLI PLUS motherboards on Linux. The X99A RAIDER is lower cost than these other MSI X99 motherboards I've tested, which led me in its direction, and then sticking with MSI due to the success with these other boards and MSI being a supporter of Phoronix and encouraging our Linux hardware testing compared to some other vendors.
  • First 3.5-inch Kaby Lake SBC reaches market
    Axiomtek’s 3.5-inch CAPA500 SBC taps LGA1151-ready CPUs from Intel’s 7th and 6th Generations, and offers PCIe, dual GbE, and optional “ZIO” expansion. Axiomtek’s CAPA500 is the first 3.5-inch form-factor SBC that we’ve seen that supports Intel’s latest 7th Generation “Kaby Lake” processors. Kaby Lake is similar enough to the 6th Gen “Skylake” family, sharing 14nm fabrication, Intel Gen 9 Graphics, and other features, to enable the CAPA500 to support both 7th and 6th Gen Core i7/i5/i3 CPUs as long as they use an LGA1151 socket. Advantech’s Kaby Lake based AIMB-205 Mini-ITX board supports the same socket. The CAPA500 ships with an Intel H110 chipset, and a Q170 is optional.

Leftovers: Ubuntu and Debian

  • Debian Project launches updated Debian GNU/Linux 8.7 with bug fixes
    An updated version of Debian, a popular Linux distribution is now available for users to download and install. According to the post on the Debian website by Debian Project, the new version is 8.7. This is the seventh update to the Debian eight distribution, and the update primarily focuses on fixing bugs and security problems. This update also includes some adjustments to fix serious problems present in the previous version.
  • Freexian’s report about Debian Long Term Support, December 2016
    The number of sponsored hours did not increase but a new silver sponsor is in the process of joining. We are only missing another silver sponsor (or two to four bronze sponsors) to reach our objective of funding the equivalent of a full time position.
  • APK, images and other stuff.
    Also, I was pleased to see F-droid Verification Server as a sign of F-droid progress on reproducible builds effort - I hope these changes to diffoscope will help them!
  • Linux Mint 18.1 "Serena" KDE Gets a Beta Release, Ships with KDE Plasma 5.8 LTS
    After landing on the official download channels a few days ago, the Beta version of the upcoming Linux Mint 18.1 "Serena" KDE Edition operating system got today, January 16, 2017, an official announcement. The KDE Edition is the last in the new Linux Mint 18.1 "Serena" stable series to be published, and it was delayed a little bit because Clement Lefebvre and his team wanted it to ship with latest KDE Plasma 5.8 LTS desktop environment from the Kubuntu Backports PPA repository.
  • Linux AIO Ubuntu 16.10 — Ubuntu GNOME, Kubuntu, Lubuntu, Ubuntu MATE, and Xubuntu In One ISO
    Linux AIO is a multiboot ISO carrying different flavors of a single Linux distribution and eases you from the pain of keeping different bootable USBs. The latest Linux AIO Ubuntu 16.10 is now available for download in both 64-bit and 32-bit versions. It features various Ubuntu flavors including Ubuntu GNOME, Kubuntu, Lubuntu, Ubuntu MATE, and Xubuntu.

Top Ubuntu Editing Apps: Image, Audio, Video

It's been my experience that most people aren't aware of the scope of creative software available for Ubuntu. The reason for this is complicated, but I suspect it mostly comes down to the functional availability provided by each application title for the Linux desktop. In this article, I'm going to give you an introduction to some of the best creative software applications for Ubuntu (and other Linux distros). Read more