How misinformation can still hurt FLOSS
There seems to be a bit of confusion out there about what open source means in terms of security: specifically, there's a pervasive notion that because software is open source, it's inherently insecure.
Apparently these folks have completely forgotten about software like sendmail, Apache, MySQL, SSH, and oh, what's that platform called… the one with the penguin… oh yeah: Linux. The applications and platforms are regarded in the industry has highly secure and generally free of malware in the wild.
And yet, when Google Open Source Programs Manager Chris DiBona recently quoted an article that said that "critics have been pounding the table for years about open source being inherently insecure," I decided to locate that article... I found myself running smack into what I believe is a serious error.