Open Source Software: More reasons it is more secure

Software developed under open source practices has security built in and has been found to ship with far fewer faults per unit of code than software from proprietary development houses.  There are many reasons for this.  It is especially true when the open source code is commercially supported.  Linux, for example, has the strength of a huge open community and also the strength of thousands of paid developers from great companies like IBM, Oracle, Sun, Novell and now even Microsoft (that is a long story, but a great trend I hope continues).

There are many myths out there on this subject.  Some of those myths are just misunderstandings, I’m sure.  Others are the kind of things that sales folks or others with vested interest in their company’s stock price like to encourage.  Human nature is at play here, and when you mix in a misunderstanding with some bias the result can sometimes be an amplifying effect on the myth.

Sometimes what we need is a little myth busting.

That is why I’m so happy to see a new series of videos on YouTube by IngresCorp.  These are short clips that deliver easy-to-understand messages.

Is it possible that companies like Ingres, Red Hat, Oracle, Sun, IBM and others that support open source software are as biased about open source as the proprietary folks are biased about their way? I guess that goes without saying. CTOs should be able to sort that out; that’s what we get paid for.

My bias: every developer, every project manager, every systems engineer, every CIO and every CTO should have the freedom to evaluate the solutions best suited to the task at hand.  But in general they should consider commercially supported open source first.  One of the reasons is that it is more secure.

About Bob Gourley

Bob Gourley is the editor of CTOvision.com and is the founder and Chief Technology Officer (CTO) of Crucial Point LLC, a technology research and advisory firm. Bob was named one of the top 25 most influential CTOs in the world by Infoworld in 2007, and selected for AFCEA’s award for meritorious service to the intelligence community in 2008. He was named by Washingtonian as one of DC’s “Tech Titans” in 2009. Bob was named one of the “Top 25 Most Fascinating Communicators in Government IT” by the Gov2.0 community GovFresh.


Well, I always use some open source software and I am very satisfied with it. I do not say that all this software works perfectly, but I think that everyone can choose the best ones for himself from the huge variety. Despite that, I think that it is also safer to buy software than to download it for free. Everyone has a choice. Anyway, thanks for the interesting post. Sincerely, Patrick Miterson from custom software development


Bob, you are right that Oracle pays in-house developers lots of money to keep Linux as bug-free and secure as possible. My concern is the vulnerability of open source code to "war reserve mode (WARM)" exploitation, where hackers can study the code and develop exquisitely effective malware for one-time devastating use, like a medical virus with hard-to-detect symptoms and no vaccine. I understand proprietary software is subject to reverse engineering that could be nearly as dangerous, so it would seem in cyber security the inherent advantage goes to the attacker vice even the altered defender. joemaz

Joe, in my opinion you seem to have a misperception about who is writing major proprietary code and the relative ease of inserting malicious war reserve mode (WARM) capabilities into a major proprietary code base or open source code. Increasingly, code is being written by global teams, some of which are in a position where hostile powers can perhaps exert influence. There could be a threat in open source like that, but if so, at least the odds of finding the trap are greater since there are many eyes on the code. If they put bombs like that in proprietary code, the odds of their success increase, I think.