Open Source For Perimeter Security

An anonymous reader writes "IT Observer has a look at some of the perceived problems with an OpenSource approach to security and what could be done to improve the situation. From the article: 'There is a widespread and wholly inaccurate impression that open source development is somehow haphazard and undisciplined, a free-for-all among brilliant but uncoordinated individuals. In fact, most major open source projects are very tightly managed highly disciplined teams. This article gives examples of very successful Open Source security projects -- netfilter and Snort -- and also describes some weaknesses that need to be addressed by IT organizations or vendors.'"

my 2 cents

[Jaqui]

I'm sorry, but I find the constant argument that open source is less secure because everyone can see the source to be a silly waste of effort, usually promoted by the commercial security software vendors.

They ignore that the driving principle in open source development is quality software, so everyone who works with it is always looking to find the flaws and remove them.

Neither is inherently more secure, open source has the benefit of more people actively working to improve the code base than any commercial software company can afford to pay. That includes Microsoft. Yes, Microsoft cannot afford to pay the same number of programmers as are actively donating code improvements to open source software solutions.

Those of us that use open source software are more likely to learn the code to improve software we like than those using proprietary products are likely to do anything to help improve the software, including submitting the automatic crash reports that most software has implemented.
[ I personally don't use that even with open source software, running gdb against the core, then seeing what caused the crash and submitting a patch is more usefull. ]