Linux Today: Linux News On Internet Time.

More on LinuxToday Welcome to the new FOCUS on Linux

Apr 12, 2000, 01:27 (0 Talkback[s])
(Other stories by Bruce Perens)

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

"I'm glad to see the new Linux area at SecurityFocus! With the rapidly increasing acceptance of Linux in the enterprise, sites like this are essential. But the most important part of coverage by SecurityFocus is the fact that they will also continue to cover Microsoft Windows. That will let readers compare the security of the Linux and Windows in real life, over time. Time and the coverage by SecurityFocus will tell us if our theories about Open Source and security are true. Let's talk about some of those theories:"

"Security experts say that an Open Source system should be more secure than a closed-source one like Windows. The reason is that closed-source software allows computer criminals to probe its security flaws while it discourages the "white hat" programmers who would find and fix security problems. An ethical programmer might read the source code for Linux out of curiosity, to solve a problem, or to routinely patrol for security problems. Many people read Linux this way every day, and this process has come to be known as "The Many-Eyes Effect". With so many people scrutinizing the Linux code, problems are likely to be found before they happen. Even if a problem slips by, there are a lot of people who, by virtue of having read large parts of the source code, are qualified to fix Linux security problems. The result to date has been that a recent study published here says that problems pointed out in security advisories about Linux are repaired in approximately half the time needed for Microsoft to close equivalent problems in Windows."

"The expanding user community and coverage by sites like SecurityFocus will allow us to keep track of Linux security over time, and compare it with Microsoft Windows and other systems. Linux developers like me will be working hard to provide a more secure operating system - for us it's not just a job but also a matter of pride."

Complete Story

Related Stories: