Linux Today: Linux News On Internet Time.

Open Source IT: The Myth of Open Source Security

May 26, 2000, 18:16 (3 Talkback[s])
(Other stories by John Viega)

[ Thanks to Dan Orzech for this link. ]

"An author of the open source Mailman program explains why open source is not as secure as you might think -- using security holes in his own code as an example."

"Open source software projects can be more secure than closed source projects. However, the very things that can make open source programs secure -- the availability of the source code, and the fact that large numbers of users are available to look for and fix security holes -- can also lull people into a false sense of security."

"Eyes that look do not always see
With people motivated to look at the source code for any number of reasons, it's easy to assume that open source software is likely to have been carefully scrutinized, and that it's secure as a result. Unfortunately, that's not necessarily true. "

Complete Story

Related Stories: