Slashdot Mirror


Security of Open vs. Closed Source Software

morhoj writes "Cambridge University researcher Ross Anderson just released a paper concluding that open source and closed source software are equally secure. Can't find a copy of the paper online yet, but I thought this would make for an interesting morning conversation. You may not agree with him, but anyone who's on the BugTraq List can tell you that open source software isn't as bug free as we would all like to think." I found Anderson's paper, so read it for yourself. There are some other interesting papers being presented at the conference as well.

4 of 349 comments

  1. Science software by PhysicsGenius · Score: 0, Troll
    As a physicist I work with some of the most intensive and expensive software in the world. That's why, back in 1998, I chose Linux for all our simulation and embedded device needs. I was happy at my choice because Linux is flexible, powerful and cheap.

    However, due to the possible weapons applications of our work, security is a big issue. So in 2001 the Feds came in to audit us. When they saw we were using Linux they almost shit a brick. Apparently the GAO (General Accounting Office) has done a lot of work checking the kernel code and has found many many security errors and is recommending that sensitive sites not use the bug-riddled OS.

    I tried to tell these guys to have the GAO just submit patches to Linus, but they told me to install Windows 2000 instead. *shrug* What're ya gonna do?

  2. In Other News by 0101000001001010 · Score: 0, Troll
    And in other news, new research has finally proven that:

    Less peer review actually improves scientific accuracy

    Fewer engineers lead to safer cars

    Oh well, at least we can wait for the amusing PR spins that MSFT can put on this.

  3. Re:MBTF My Ass by lucifuge31337 · Score: 0, Troll

    Software and security don't "wear out". If they seem to, they were broken in the first place.

    Then why do my Win2k installs slow down to a crawl after a few weeks and require a re-install to work properly?

    Oh yeah....you already explained that. Broken to begin with.

    ....or is it all the pr0n?

    --
    Do not fold, spindle or mutilate.
  4. Well, actually ... by Tim Ward · Score: 1, Troll

    ... Microsoft do list their bugs online (ever heard of the Knowledge Base)?

    Few other closed source suppliers come remotely close to this - some try, a bit, but they just don't put in the investment.

    OK, the KB doesn't answer everything, and you have to Google usenet sometimes, i.e. at the end of the day you can be reduced to using the only resource that is available for tracking open source bugs.