Submission: Insecurity in Open Source (?)
savio13 writes: "Benjamin Chelf, CTO of Coverity, has a viewpoint at BusinessWeek that begins:
"Conventional wisdom holds that open-source software should have fewer security flaws than proprietary software. With more eyes able to look at the underlying source code, bugs should be found and squashed much faster.
But when software security and quality really matter — like crossing the Atlantic on a jet airliner — trust me, you want to fly proprietary."
His view that OSS is no more secure than commercial software is based on research that his company did with the Department of Homeland Security & Stanford. The research involved the analysis of 50 popular OSS projects and comparing the results to related commercial software products.
PS: I don't agree with the findings above, nor are they supported by my personal or professional experience with OSS, so don't shoot the messenger."