Language Selection

English French German Italian Portuguese Spanish

Open source doesn't make software safer

Filed under
OSS

There is this ludicrous paradigm among the technorati that just because a piece of software is developed collaboratively and by enthusiasts with source code shared freely on the web, that automatically makes it more secure and less buggy.

"When everyone can look at your code," runs the argument, "flaws get found more quickly and patches get released almost immediately."

But although everyone can look at open source code, in practice, the only people who do are those involved in developing the software and those trying to create malware that exploits it.

This is exactly the same situation that applies to closed source software, except that it is somewhat harder for the hackers to get their copy of the code.

More here




Another non article

Where this article fails bigtime is it's disregard for reality.

Windows = millions of malware and viruses
Linux = virtually none, and those holes are quickly patched.

So practical reality show his argument is rubbish. Also the assertion that malware attacks Microsoft because it is an attack on "the man" is also spurious. Most modern virus and malware writers are criminals and in it for the money, they do not care who or what company they target, only results.

It is also handy that Linux is inherently more secure by design and sensible Linux people get their software from a repository, not some dodgy warez site or bittorrent.

GregE
Melbourne, Australia

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's leftovers

Red Hat News

Linux Devices

Leftovers: OSS

  • Quantifying Benefits of Network Virtualization in the Data Center
    Modern data centers have increased significantly in scale and complexity as compute and storage resources become highly virtualized. The rise of the DevOps style of application deployment means that data center resources must be agile and respond rapidly to changing workload requirements. Data center network technologies have been challenged to keep up with these rapidly evolving application requirements.
  • Apache Zeppelin Joins Several Other Projects Gaining Top-Level Status
    As we've been reporting, The Apache Software Foundation, which incubates more than 350 open source projects and initiatives, has been elevating a lot of interesting new tools to Top-Level Status recently. The foundation has also made clear that you can expect more on this front, as graduating projects to Top-Level Status helps them get both advanced stewardship and certainly far more contributions. Only a few days ago, the foundation announced that a project called TinkerPop has graduated from the Apache Incubator to become a Top-Level Project (TLP). TinkerPop is a graph computing framework that provides developers the tools required to build modern graph applications in any application domain and at any scale. Now, it has announced that Apache Zeppelin has graduated as well. Zeppelin is a web-based notebook that enables interactive data analytics.
  • 6 Open Source Operating Systems for the Internet of Things (IoT)
    Whether you are small to large enterprises, IoT is one of the useful technology that can help you to be connected on-the-go.
  • 6 open source architecture projects to check out
    The world of architecture doesn't change as quickly as software, but architects are still finding new ways to share innovative designs and ideas. The open source architecture movement aims to make architectural designs, drawings, 3D renderings, and documentation freely available for integration into other projects under open source licenses. It owes much of its growth to the growing popularity of the maker movement, DIY culture, 3D printing, and CNC machines, as well as support from architects like Alejandro Aravana.
  • Yorubaname.com has gone opensource, codebase now on GitHub
    Online dictionary for yoruba names, YorubaName, has now made its backlog accessible to the public. In a post on their blog, the guys at YorubaName announced that the website codebase is now on GitHub.
  • A New Version of Rust Hits the Streets
    Version 1.9 of the Rust programming language has been released. Rust is a new language with a small but enthusiastic community of developers.
  • Here's how you can make a career in OpenStack
    OpenStack is one of the biggest open source movements. It is a free and open-source software platform for cloud computing, mostly deployed as an infrastructure-as-a-service (IaaS). The software platform consists of interrelated components that control hardware pools of processing, storage, and networking resources throughout a data centre. According to the official website, hundreds of the world's largest brands rely on OpenStack to run their businesses every day, reducing costs and helping them move faster. OpenStack has a strong ecosystem globally.
  • Compatibility before purity: Microsoft tweaks .NET Core again [Ed: Microsoft lied about .NET going Open Source; just forked it into Open Core version]
    Microsoft's open source fork of the .NET platform, called .NET Core, will be modified for better compatibility with existing applications, says Program Manager Immo Landwerth in a recent post.
  • EMC Ships Open Source Tool for Cloud and IoT Devices
  • Watch Benjamin Hindman Co-Creator of Apache Mesos Speak Live Tomorrow at MesosCon [Ed: Microsoft proxy in a sense]
  • MesosCon Preview: Q&A with Twitter’s Chris Pinkham
  • How to secure your open source code [Ed: more marketing nonsense of Black Duck]
  • Luxembourg launches open data portal
    The Grand Duchy of Luxembourg officially launched its national open data portal data.public.lu on April 8th. This portal, supported by Digital Luxembourg, the government agency in charge of digital affairs in the country, was presented during the Game of Code hackathon.
  • Denmark to accelerate government digitisation
    Open standards The existing shared solutions are to be adopted by all authorities and public sector institutions where relevant, according to a presentation in English. “Shared solutions need to be stable, secure and user-friendly, they will also be easy to implement because the infrastructure is based on open standards.” The strategy, an agreement involving the government, regions and municipalities, was announced on 12 May. It includes 33 initiatives, which among other things deal with ease of use, reuse of data, IT architecture, growth, security and digital skills, DIGST says.