Language Selection

English French German Italian Portuguese Spanish

Open Source vs. Windows: Security Debate Rages On

Filed under
Microsoft
OSS

It's a topic of fierce debate among high-tech cognoscenti: What's more secure -- "open source" code such as Linux and Apache, or proprietary "closed source" operating systems and applications, Microsoft's in particular?

The regularity with which Microsoft has taken to announcing vulnerabilities and consequent software fixes has left few cheering about its security. In contrast, high expectations endure for open source, with proponents arguing that it's inherently more secure because a much larger set of developers can read the code, vet it and correct problems.

"I'm struggling to think of anyone who would argue the other way," says Adam Jollans, chief Linux technologist at IBM Latest News about IBMSoftware Group.

"Discovery is different in the open source and closed source approach," Jollans says. "Because source code is visible to lots of people, if there is a security issue, it tends to be spotted earlier. The open source community isn't shy about criticizing bad code."

Thus, open source developers are "more able to respond quickly and to use new and more secure techniques. Because they perform for peers' kudos, this, too, behooves them to perform well," Clarke says.

"Open source development is centered around operating systems designed many years ago with security and Internet connectivity as a base requirement," he adds.

Open source is foremost an "ethos" that "is precisely the best social environment for the best development of anything," Clarke maintains. "By contrast, the principle culprit of poor security, Microsoft, has several major issues with producing secure code."

Microsoft seems lax to security threats," says Robert Swiercz, managing director of the Portal of Montreal, the city's Web site. "I have less and less ability to trust them." He, too, expresses confidence in the open source community, saying, "This is where the solutions are coming from."

However, some call these assumptions into question and assert there's a lack of accountability in fixing open source. A number of research firms are ready to puncture the belief that open source is by its very nature superior.

Other I.T. managers say they like a lot of open source security tools and applications but corporate policies prevent them from using them.

"We don't do open source because my lawyer says there's no one to sue," says Phil Maier, vice president of information security at Inovant, Visa's technology deployment division. "The lawyers had the final say."

Full Article.

More in Tux Machines

Plasma 5.9.2, Applications 16.12.2 and Frameworks 5.31.0 available in Chakra

The latest updates for KDE's Plasma, Applications and Frameworks series are now available to all Chakra users. Included with this update, is an update of the ncurses, readline and gnutls related group of packages, as well as many other important updates in our core repository. Be aware that during this update, your screen might turn black. If that is the case and it does not automatically restore after some time, then please switch to tty3 with Ctrl+Alt+F3 and then switch back to the Plasma session with Ctrl+Alt+F7. If that does not work, please give enough time for the upgrade to complete before shutting down. You can check your cpu usage using 'top' after logging in within tty3. You can reboot within tty3 using 'shutdown --reboot'. Read more

Red Hat Financial News

  • SSM uses Red Hat technology to modernise IT infrastructure
    RED Hat, Inc, a provider of open source solutions, announced that it has been selected by Suruhanjaya Syarikat Malaysia (SSM) to support the development of a new and advanced gateway for the registration of companies and businesses in Malaysia. Mesiniaga Bhd, a systems integrator with 35 years of experience, is the primary implementer for this initiative.
  • The Red Hat, Inc. (RHT) Stake Lowered by FIL Ltd
  • Analysts Near-Term outlook: Red Hat (RHT), CMS Energy (CMS)
  • Fedora 27 Aiming To Drop Out Alpha Releases
    In a similar effort to Ubuntu itself not issuing alpha/beta releases the past few years as they focused on the quality of their daily ISOs instead, Fedora developers have been discussing a similar maneuver of beginning to drop alpha releases from their schedule. Beginning with Fedora 27 we could see no more alpha releases, if the Fedora Engineering and Steering Committee approves of this change. The focus would be on ensuring Fedora Rawhide is always in good shape and save on release engineering time and other resources with putting out alpha builds.
  • Fedora macbook pro testers++
    In the final run-up to the Fedora 25 release, we slipped a week because there was a bug in installs on apple osx (now macos again) hardware. This was (and is) a use case the Workstation working group cares about, as they would love for folks with apple hardware to install Fedora and use it on that hardware. Sadly, we don’t have too many testers with this hardware to help our testing cycles, and many community members with this hardware also are using it day to day and cannot afford to reinstall and test at the drop of a hat.

New GNU/Linux Releases: TheSSS, Arkas OS, Black Lab, and Parrot

  • The Smallest Server Suite Gets Special Edition with PHP 7.0.15, Apache 2.4.25
    4MLinux developer Zbigniew Konojacki informs Softpedia about the availability of a special edition of the TheSSS (The Smallest Server Suite) Live Linux operating system. Carrying the same version number as the original TheSSS release, namely 21.0, and dubbed TheSSS7, the new flavor ships with more recent PHP packages from the 7.0.x series. Specifically, TheSSS7 includes PHP 7.0.15, while TheSSS comes with PHP 5.6.30.
  • Descent OS Is Dead, Arkas OS Takes Its Place and It's Based on Ubuntu 16.04 LTS
    Some of you out there might remember the Descent OS distro created by Brian Manderville and based on the popular Ubuntu Linux operating system, and today we have some bad news for them as the development is now officially closed. Descent OS first appeared in February 2012 as a lightweight Ubuntu derivative built around the GNOME 2 desktop environment. Back then, it was known as Descent|OS, and was quite actively developed with new features and components borrowed from the latest Ubuntu releases.
  • Black Lab Linux 8.1 Out Now with LibreOffice 5.3, It's Based on Ubuntu 16.04 LTS
    Softpedia was informed today by the Black Lab Software project about the general availability of the first point release to the Black Lab Linux 8.0 operating system series. Serving as a base release to the company's enterprise offerings and equipped with all the long-term supported Linux 4.4 kernel from the Ubuntu 16.04 LTS (Xenial Xerus) operating system, Black Lab Linux 8.1 comes with up-to-date components and the latest security patches ported from Ubuntu's repositories as of February 15, 2017. "Today we are pleased to announce the release of Black Lab Linux 8.1. Our first incremental release to the 8.0 series. In this release we have brought all security updates up to Feb 15, 2017, as well as application updates," said Roberto J. Dohnert, CEO of Black Lab Software.
  • Parrot 3.5 – Call For Betatesters
    We did our best to prepare these preview images including all the updates and the new features introduced since the last release, but now we need your help to understand how to make it even better, and of course we need your help to understand if there is something that doesn’t work as expected or something that absolutely needs to be included in the final release.

Linux and Graphics

  • Linux Kernel 4.10 Now Available for Linux Lite Users, Here's How to Install It
    Minutes after the release of Linux kernel 4.10 last evening, Jerry Bezencon from the Linux Lite project announced that users of the Ubuntu-based distribution can now install it on their machines. Linux 4.10 is now the most advanced kernel branch for all Linux-based operating systems, and brings many exciting new features like virtual GPU support, better writeback management, eBPF hooks for cgroups, as well as Intel Cache Allocation Technology support for the L2/L3 caches of Intel processors.
  • Wacom's Intuos Pro To Be Supported By The Linux 4.11 Kernel
    Jiri Kosina submitted the HID updates today for the Linux 4.11 kernel cycle.
  • Mesa 13.0.5 Released for Linux Gamers with over 70 Improvements, Bug Fixes
    We reported the other day that Mesa 13.0.5 3D Graphics Library will be released this week, and it looks like Collabora's Emil Velikov announced it earlier this morning for all Linux gamers. Mesa 13.0.5 is a maintenance update to the Mesa 13.0 stable series of the open source graphics stack used by default in numerous, if not all GNU/Linux distributions, providing gamers with powerful drivers for their AMD Radeon, Nvidia, and Intel GPUs. It comes approximately three weeks after the Mesa 13.0.4 update.
  • mesa 13.0.5