Language Selection

English French German Italian Portuguese Spanish

Open source doesn't make software safer

Filed under
OSS

There is this ludicrous paradigm among the technorati that just because a piece of software is developed collaboratively and by enthusiasts with source code shared freely on the web, that automatically makes it more secure and less buggy.

"When everyone can look at your code," runs the argument, "flaws get found more quickly and patches get released almost immediately."

But although everyone can look at open source code, in practice, the only people who do are those involved in developing the software and those trying to create malware that exploits it.

This is exactly the same situation that applies to closed source software, except that it is somewhat harder for the hackers to get their copy of the code.

More here




Another non article

Where this article fails bigtime is it's disregard for reality.

Windows = millions of malware and viruses
Linux = virtually none, and those holes are quickly patched.

So practical reality show his argument is rubbish. Also the assertion that malware attacks Microsoft because it is an attack on "the man" is also spurious. Most modern virus and malware writers are criminals and in it for the money, they do not care who or what company they target, only results.

It is also handy that Linux is inherently more secure by design and sensible Linux people get their software from a repository, not some dodgy warez site or bittorrent.

GregE
Melbourne, Australia

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

How Linux became my job

I've been using open source since what seems like prehistoric times. Back then, there was nothing called social media. There was no Firefox, no Google Chrome (not even a Google), no Amazon, barely an internet. In fact, the hot topic of the day was the new Linux 2.0 kernel. The big technical challenges in those days? Well, the ELF format was replacing the old a.out format in binary Linux distributions, and the upgrade could be tricky on some installs of Linux. Read more

Linux 4.16-rc2

It's been a quiet week, and rc2 is out. I take the fairly quiet rc be a good sign for 4.16, but honestly, rc2 is often fairly calm. That's probably because people are taking a breather after the merge window, but also simply because it might take a while to find any issues. But let's be optimistic, and just assume - at least for now - that it's because all is well. The diffstat is fairly odd, but that often happens with small rc's just because then just a couple of pulls will skew things easily in one or two directions. This time the patch is about one third architecture updates (arm64, x86, powerpc), one third tooling (mostly 'perf') and one third "rest". And yes, the bulk of that rest is drivers (gpu, nvme, sound, misc), but those drivers are still distinctly *not* the bulk of the whole patch. Go out and test, it all looks fine. Read more Also: Linux 4.16-rc2 Kernel Released

OpenStreetMap in IkiWiki and Why OpenStreetMap is in Serious Trouble

  • OSM in IkiWiki
    Since about 15 years ago, I have been thinking of creating a geo-referenced wiki of pubs, with loads of structured data to help searching. I don't know if that would be useful for anybody else, but I know I would use it! Sadly, the many times I started coding something towards that goal, I ended blocked by something, and I keep postponing my dream project.
  • Why OpenStreetMap is in Serious Trouble
    That said, while I still believe in the goals of OpenStreetMap, I feel the OpenStreetMap project is currently unable to fulfill that mission due to poor technical decisions, poor political decisions, and a general malaise in the project. I'm going to outline in this article what I think OpenStreetMap has gotten wrong. It's entirely possible that OSM will reform and address the impediments to its success- and I hope it does. We need a Free as in Freedom geographic dataset.

Linux KPI-Based DRM Modules Now Working On FreeBSD 11

Thanks to work done by Hans Petter Selasky and others, this drm-next-kmod port is working on FreeBSD 11 stable. What's different with this package from the ports collection versus the ported-from-Linux Direct Rendering Modules found within the FreeBSD 11 kernel is that these DRM modules are using the linuxkpi interface. Read more