Re: question re opensource security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




This paper by Ross Anderson of Cambridge poses a pretty solid arguement
against open source, not that I agree with it, but its a good arguement:

http://www.net-security.org/dl/articles/toulouse.pdf

This article from news.com talks about how open source and closed source
are equally secure:

http://news.com.com/2100-1001-938124.html

Next is a link to a list of papers presented at the Open source
software conference:

http://www.idei.asso.fr/Commun/Conferences/Internet/OSS2002/Divers/FramePapers2002.html

As for specific studies with concrete numbers, I don't know of any.
However, the papers at the 3rd link pose some pretty interesting theories,
even though I have never gotten around to reading all of them.

The one that might be of particular interest to you are the ones by
Jennifer Kuan, which speaks about Open Source Quality, and Roger Needham
which speaks about Security in Open Source.

My $0.02 is pretty much in agreement with your "truisms".  So no need to
say it again.

--
Eric Lubow
Guardian Digital Inc.
http://www.guardiandigital.com/ 


On Tue, 29 Oct 2002, dan tynan wrote:

> 
> OK, I have a question, and I'm hoping some Open Source wonks out there can
> answer it for me.
> 
> First, a couple of truisms about open source software:
> 
> 1. It suffers fewer flaws than proprietary software, thanks to the nature of
> open source review.
> 
> 2. When flaws are discovered in open source code, they're fixed faster,
> thanks to open source review, etc etc.
> 
> My question: Has anyone ever conducted any studies or surveys that bear out
> these truisms? Do you know of any research that suggests open source
> software is less flawed and fixed faster?
> 
> If you do, please post the answer here or email me at
> OpenSeeker2002@yahoo.com.
> 
> Thanks.
> 
> D.Wood



------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux