Security Basics mailing list archives
Re: Why open source software is more secure
From: Adriel Desautels <adriel () netragard com>
Date: Thu, 08 May 2008 13:40:00 -0400
Greetings,We recently did an "internal" study against closed source software and open source software. During the study we focused on security appliances, commonly used applications, and common web applications. The goal of the study was to identify which on average was more secure.
Open Source software won hands down. The reason why we believe that Open Source software came out on top is because it is exposed to the community and is scrutinized by talented developers around the world. The same can not be said about closed source software. Closed source software is only scrutinized by the people who build it.
This is akin to network security. Companies are usually required to bring in third parties to assess their network. They can't effectively assess their own work, because it is their work.
There are many good software vendors that create fairly secure and well written products. Buying technology from those vendors means that you get their support. It also means that you have someone to fall back on if things don't go your way. It does not mean that you are getting the highest quality product though.
Hope this made sense. Regards, Adriel T. Desautels Chief Technology Officer Netragard, LLC. Office : 617-934-0269 Mobile : 617-633-3821 http://www.linkedin.com/pub/1/118/a45 Join the Netragard, LLC. Linked In Group: http://www.linkedin.com/e/gis/48683/0B98E1705142 --------------------------------------------------------------- Netragard, LLC - http://www.netragard.com - "We make IT Safe" Penetration Testing, Vulnerability Assessments, Website Security Netragard Whitepaper Downloads: ------------------------------- Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you must know : http://tinyurl.com/26pjsn aliasghar.toraby () gmail com wrote:
sapran wrote:The main goal of a software vendor is not to bring you a _good_ product, but to sell it you. That is the only truth about that. That's why the product might be fully featured, nicely decorated and published on time: the vendor is economically motivated to make it this way. But there's no sense to make it secure and stable because the only motive for this is liability which does not exist software industry. There are two ways for things to become better. The first one is fully described by Bruce Schneier it his "Secrets and Lies", the top book to be read by all 'connected' folks. Its increasing of liability to the level of its presence in other industries, for ex. banking or plane building. And there is another, more utopic, to ignore the business motives during the process of software development. It may remind you the methods of decreasing of unemployment proposed by Marks: to remove market economy at all. But this is a topic to be thought out I guess, so your comments are welcome.What do you mean about security?I think that policy give a guaranty and security. And open source is a safe policy.
Current thread:
- Why open source software is more secure sapran (May 08)
- Re: Why open source software is more secure Ali, Saqib (May 08)
- Re: Why open source software is more secure Chad Perrin (May 08)
- RE: Why open source software is more secure David Harley (May 08)
- RE: Why open source software is more secure Hayes, Ian (May 08)
- Re: Why open source software is more secure Chad Perrin (May 08)
- Re: Why open source software is more secure aliasghar.toraby () gmail com (May 08)
- Re: Why open source software is more secure Adriel Desautels (May 08)
- Re: Why open source software is more secure Ivan . (May 09)
- Re: Why open source software is more secure Alexander Klimov (May 12)
- RE: Why open source software is more secure Robinson, Sonja (May 12)
- RE: Why open source software is more secure Craig Wright (May 13)
- RE: Why open source software is more secure Hayes, Ian (May 13)
- Re: Why open source software is more secure Chad Perrin (May 13)
- RE: Why open source software is more secure Robinson, Sonja (May 12)
- Re: Why open source software is more secure Ali, Saqib (May 08)
- RE: Why open source software is more secure Craig Wright (May 13)
- <Possible follow-ups>
- Re: Why open source software is more secure zenmasterbob123 (May 08)
- RE: Why open source software is more secure Murda Mcloud (May 09)
- RE: Why open source software is more secure Chuck Taylor (May 09)
- RE: Why open source software is more secure Murda Mcloud (May 09)