Open Source IT: The Myth of Open Source Security
May 26, 2000, 18:16 (3 Talkback[s])
(Other stories by John Viega)
[ Thanks to Dan Orzech
for this link. ]
"An author of the open source Mailman program explains why
open source is not as secure as you might think -- using security
holes in his own code as an example."
"Open source software projects can be more secure than closed
source projects. However, the very things that can make open source
programs secure -- the availability of the source code, and the
fact that large numbers of users are available to look for and fix
security holes -- can also lull people into a false sense of
security."
"Eyes that look do not always see
With people motivated to look at the source code for any number of
reasons, it's easy to assume that open source software is likely to
have been carefully scrutinized, and that it's secure as a result.
Unfortunately, that's not necessarily true. "
Complete
Story
Related Stories:
- BeOpen.com: Security Beyond the Garden of Eden(May 18, 2000)
- ISP-Planet: SSH: From Secure Administration to Virtual Private Networking(May 16, 2000)
- InfoWorld: Intel releases [Open Source] security implementation(May 16, 2000)
- Freshmeat: Security Issues of Auto-upgrades(May 13, 2000)
- SRO: Exclusive Security Survey Results(May 04, 2000)
- Inter@ctive Week: Linux: Testing, Security Concerns Raised(May 02, 2000)
- German goverment recommends immediate actions for a secured Internet(Apr 30, 2000)
- LinuxDevices.com: Startup announces open source security solution(Apr 24, 2000)
- Security Portal: Open Source - Why it's Good for Security(Apr 18, 2000)
- SecurityFocus.com: Wide Open Source - Is Open Source really more secure than closed?(Apr 17, 2000)
