Slashdot Mirror


Undocumented Open Source Code On the Rise

ruphus13 writes "According to security company Palamida, the use of open source code is growing rapidly within businesses. However, the lack of documentation and understanding of how the code works can increase the vulnerability and security risks the companies face. OStatic quotes Theresa Bui-Friday saying, 'In 2007, Palamida's Services team audited between 300M to 500M lines of code for F500 to venture-backed companies, across multiple industries. Of the code we reviewed, Palamida found that applications written within the last five years contain 50% or more open source code, by a line of code count. Of that 50% of open source code, 70% was undocumented. This is up from 30% in 2006.' How can businesses protect themselves and still draw on open source code effectively?"

2 of 94 comments

  1. Streaming video by Meneth · Score: 0, Offtopic

    I've recently been trying to implement streaming video in a cross-platform system, and the main open-source libraries, ffmpeg and Live555... well, Live555 at least has unstable release packages. That's the best I can say about their project management. :/

  2. Re:Not just for security by Ethanol-fueled · Score: 1, Offtopic

    I agree, that metric sounded much too high for open-source. The 70% up from 30% was actually the incidence of undocumented Hispanic workers in the US's past few years. Statistical cross-contamination?