“The stakes are higher now as businesses connect in a mesh of
dot-com relationships. Even if an IT shop isn’t considering
open-source security, its partners and customers are.”
“The security debate pits two theories against one another —
“many eyes” vs. “security by obscurity.” Open-source projects such
as Linux follow the many eyes principle, which states that the more
developers working on code and the fewer secrets, the harder it is
to compromise the software because more people will detect issues
and fix them.”
“”I tend to lean toward the open-source model for a couple of
reasons,” said Kelly Fulks, systems administrator at Huntsville
Hospital, in Huntsville, Ala. “You have more people looking at the
code, and if something goes wrong, we totally control the fix. It’s
lower cost, and it’s always better to invest in people talent
instead of paying for software.” The hospital uses Sendmail.”