Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Cites Open Source Core Security

Posted by pudge on from the you-wily-software-vet-you dept.

ChilyMack writes "In a CNet article, Apple senior vice president Bertrand Serlet says, 'A lot of security problems derive from the core ... [With open source code,] thousands of people look at the critical portions of source code and ... check those portions are right. It's a major advantage to have open-source code.'"

8 of 69 comments (clear)

  1. Yeah... by shfted! · · Score: 4, Funny

    With the skin peeled off the Apple, and the raw core exposed, it's easy to remove the rotten bits. Getting rid of the rotten bits is good, as it reduce the number of worms.

    --
    He who laughs last is stuck in a time dilation bubble.
  2. ...and this is why we love Apple. by keiferb · · Score: 4, Insightful

    They're a (relatively) big company. Big companies are supposed to be evil, yet they do lots of Good Stuff(tm) like supporting and using OSS.

    This is what Apple's always done that's kept them around... their products are dirt simple, yet really powerful in hands that know how to put them to work.

    In the words of a motivational book-on-tape foisted on me recently, it's not enough to have satisfied customers, you need to create raving fans. I bought my first Apple (Pbook G4 1.25) in May, and I've been raving about it ever since. mmm.... iMac...

  3. Odd they bring this up now by Black+Cardinal · · Score: 4, Interesting

    Especially considering how just a few days ago Steve Jobs was saying in an interview here. [alwayson-network.com] how they were trying to not be blatant about trumpeting this advantage to avoid becoming a target for viruses and other security breaches.

    Although, if Steve Jobs points that out in an interview, then how low-profile can it really be?

  4. Re:It's the open source! by Frequency+Domain · · Score: 5, Insightful
    95% of users are using Windows, making it, not Mac OS X with its market share smaller than that of Linux, a high value target.
    By that logic Apache should have more exploits than Microsoft's web server, since Apache has the major market share. Since that's not so, it seems that vulnerability is a bigger factor than market share when it comes to picking targets.
  5. open source is like proofreading by spineboy · · Score: 4, Insightful
    Open source works for exactly the same reason why you have someone else proofread your paper/thesis before you turn it in. You've seen it so many times, that you don't really look at it anymore. A fresh pair of eyes will spot all sorts of wrong things, or come up with a more elegant way of stating something.

    I mean seriously - if something is important to you, do you just turn it in w/o someone else giving it the once over? My wife reads every talk I give and vise-versa. WE ALWAYS catch mistakes that the other person has made.

    It's a no-brainer.

    --
    ..........FULL STOP.
    1. Re:open source is like proofreading by TheLink · · Score: 4, Insightful

      Most significant security problems are only detected by a few experts in the field.

      A million ignorant eyes won't be able to spot a buffer overflow even if it bites them.

      --
  6. Re:It's the open source! by prockcore · · Score: 4, Insightful

    By that logic Apache should have more exploits than Microsoft's web server, since Apache has the major market share. Since that's not so, it seems that vulnerability is a bigger factor than market share when it comes to picking targets.

    You've misunderstood what the "Apache versus IIS" example represents.

    It shows that open source can be secure. Apache is indeed a more attractive target because it does have a larger marketshare. However, attacks are unsuccessful because Apache is more secure than IIS.

    This doesn't mean that marketshare is irrelevant. Quite the opposite. It means that good code can withstand the added attention a marketleader attracts.

    You cannot make a parallel between Apache and OSX however. Apache is a product that proves a concept is sound; that open source can be secure even when it is a very attractive target. This doesn't mean all open source is secure, and it certainly doesn't mean that OSX won't be targetted more as its marketshare increases. OSX will be targetted more.

  7. Re:Totally misses the boat on security by node+3 · · Score: 4, Insightful

    "People have an irrational hate for Microsoft"

    I wouldn't call it irrational. Sometimes people vent their anger irrationally, but the cause of that anger is generally quite rational indeed.

    And your assertion:

    "So really, there are two reasons why Mac OS has not had mass exploits:
    1.) Obscure
    2.) Not an emotional target"

    is pure speculation. If they were the sole reasons, then you'd expect at least one actual exploit to surface in the wild. I'm sure they are factors, but how about it's easier to write viruses/worms/trojans for Windows? And the fact that MS waits so long before security updates?

    In short, there are not, simply, "two reasons why Mac OS has not had mass exploits".