
Open source doesn't make software safer

Filed under
OSS

There is this ludicrous paradigm among the technorati that just because a piece of software is developed collaboratively and by enthusiasts with source code shared freely on the web, that automatically makes it more secure and less buggy.

"When everyone can look at your code," runs the argument, "flaws get found more quickly and patches get released almost immediately."

But although everyone can look at open source code, in practice, the only people who do are those involved in developing the software and those trying to create malware that exploits it.

This is exactly the same situation that applies to closed source software, except that it is somewhat harder for the hackers to get their copy of the code.





Another non-article

Where this article fails big time is its disregard for reality.

Windows = millions of malware and viruses
Linux = virtually none, and those holes are quickly patched.

So practical reality shows his argument is rubbish. Also the assertion that malware attacks Microsoft because it is an attack on "the man" is also spurious. Most modern virus and malware writers are criminals and in it for the money; they do not care who or what company they target, only results.

It is also handy that Linux is inherently more secure by design and sensible Linux people get their software from a repository, not some dodgy warez site or bittorrent.

GregE
Melbourne, Australia
