"As a lead-in to his main point, he said: There is no longer any
doubt that hackers and malware writers are going after open source
projects as they once went after Windows. Vulnerabilities are being
found, discovered, created, exchanged.
"There seems to be a common malady amongst opinionated tech
writers--that of never quite getting it when it comes to the
fundamental principles of security. A particular favorite for being
ignored is that of security through obscurity.
"Many many moons ago, I wrote what I think is a decent treatment
of the subject as it applies to open source software, Security
through visibility. While it makes a pretty strong case for
ignoring the bleatings of "popularity is insecurity" doomsayers,
it's really only the first step toward full understanding of all
the problems with the assumption that the only thing "secure" about
open source software is obscurity."
