IBM developerWorks: The security implications of open source softwareMar 31, 2001, 20:30 (4 Talkback[s])
(Other stories by Natalie Whitlock)
[ Thanks to Kellie for this link. ]
"To some, closed source means hidden, secret -- and more secure. In reality, many of the most secure systems available today are based on the open source model."
"Traditionally, secrecy has meant security. You lock up your house, your automobile, your valuables. In the software community, you "lock up" the programming source code as a means of securing it against hackers and competitors. To the closed source camp, a system can't be truly secure when its source is open for all to read. Secrecy is security, and when applied to an otherwise secure system, concealing the source improves the security. It slows up intruders and, in the event of a breech, keeps damages at a minimum. Another argument is that with freely available blueprints, crackers will have it easy writing malicious code to attack systems."
"What, then, about the security of open source software? Open source software, by definition, is any program or application that is freely distributed, non-platform specific -- and in which the programming code is open and visible. All else being equal, isn't a closed program more secure than an open one?"