In defence of open source
Jun 28, 2011, 06:01
(Other stories by Jason Norwood-Young)
"There are only two ways that this potential theft could have
been detected before the website went live. The first would have
been fairly technically complex. We could have set the site up in a
controlled environment and examined all the information sent in and
out of the system. It would have been time consuming in the
extreme, have required a great deal of technical expertise and
would not have been 100% guaranteed.
"The second way would be for someone to read the code, which is
how we found the problem. For this to happen, we required
open-source software – software where the code is
clearly visible, and in this case editable. Not only could we
detect the problem, we could fix it. The site still went live,
without the security issues.
"These are two reasons that as an IT buyer I lean towards
open-source software. If there's a problem, I
can identify it and fix it. That doesn't mean
that I audit every piece of software that I run. There
aren't enough hours in the day. But
I'll often dive in and have a quick look around
before committing to certain software. Poor coding styles and
obvious unnecessary outgoing links should ring alarm bells."