Open Source For Perimeter Security

An anonymous reader writes "IT Observer has a look at some of the perceived problems with an OpenSource approach to security and what could be done to improve the situation. From the article: 'There is a widespread and wholly inaccurate impression that open source development is somehow haphazard and undisciplined, a free-for-all among brilliant but uncoordinated individuals. In fact, most major open source projects are very tightly managed highly disciplined teams. This article gives examples of very successful Open Source security projects -- netfilter and Snort -- and also describes some weaknesses that need to be addressed by IT organizations or vendors.'"

Socrates on Security

[neoshroom]

When it comes to Linux versus Windows it is almost a matter of philosophy.

"The unexamined [code] is not worth [coding]." -- Socrates (Apology 38a)

__
Elephant Essays - Custom-created essays and research papers.

Marketeer shows how to pitch open source...

[xxxJonBoyxxx]

"An excellent example of a cutting-edge open source effort is the netfilter project (www.netfilter.org), a Linux-based packet filter that features stateful firewalling, Network Address Translation (NAT), load balancing, and other kinds of packet mangling. The project was founded in 1999 in Australia and has now grown to more than 100,000 lines of code contributed by over 700 developers. There are currently about 300 active developers submitting about 1,400 postings a month to the development mailing lists. The core team consists of 4 members who winnow down the submissions to an average of 65 code improvements and fixes per month. "

"By Walter Schumann, VP Sales and Marketing, Astaro"

You Slashdotters may make fun of marketing people, but I think Walter just showed you how YOU need to make your pitch for your favorite open source project at your company.

Forgot some ingredients...

[shmlco]

"In fact, most major open source projects are very tightly managed highly disciplined teams."

Which is one of the reasons they became major open source projects in the first place. Of course, that tightly managed highly disciplined team ALSO needs to be working on something we all want, and the end result needs to do the job, and do it well.

Open Source Security Nomenclature

[digitaldc]

perceived problems with an OpenSource approach to security and what could be done to improve the situation.

Could it possibly have something to do with the fact that some people just don't like having the words 'Open Source' attached to their computer security? Maybe rename it to something like 'Closed Fortress OS' or 'Locked Down OS' to give a more positive ring to it?
Maybe I am just thinking about it too much.

my 2 cents

[Jaqui]

I'm sorry, but I find the constant argument that open source is less secure because everyone can see the source to be a silly waste of effort, usually promoted by the commercial security software vendors.

They ignore that the driving principle in open source development is quality software, so everyone who works with it is always looking to find the flaws and remove them.

Neither is inherently more secure, open source has the benefit of more people actively working to improve the code base than any commercial software company can afford to pay. That includes Microsoft. Yes, Microsoft cannot afford to pay the same number of programmers as are actively donating code improvements to open source software solutions.

Those of us that use open source software are more likely to learn the code to improve software we like than those using proprietary products are likely to do anything to help improve the software, including submitting the automatic crash reports that most software has implemented.
[ I personally don't use that even with open source software, running gdb against the core, then seeing what caused the crash and submitting a patch is more usefull. ]