“Open Source systems aren’t inherently more secure than
proprietary systems — unless the designers make security a priority,
according to several security experts speaking at a conference
Monday.”
“Panel moderator Peter G. Neumann, from SRI International,
argued that Open Source development, which he called “open box,”
presents both opportunities of “many eyes” finding software bugs
that compromise security, and a challenge when some of those eyes
aren’t friendly.”
“By itself, the open box paradigm is not a solution, but my
contention is it affords us enormously more opportunity than the
closed-source model,” said Neumann, speaking at a panel during
the 23rd National Information Systems Security Conference in
Baltimore, Md. “The problem with [the many eyeballs concept] is if
your system is lousy to begin with, the bad guys have a lot of
eyeballs.”