On Wed, 3 Jun 2009 18:21:28 +0200 (CEST), Wojciech Puchar 
<woj...@wojtek.tensor.gdynia.pl> wrote:
> open source - just by being opensource - can't guarantee anything more 
> that availability of sources.
> 
> It's important to stay away of all that hype that opensource programs are 
> just better.
> 
> Many are, many not.

I'd like to add that IF security problems get discovered in OSS,
it's usually just a matter of few time that this problem gets
corrected. This is mostly because the public is able to look at
the source code, so many programmers with different approaches
and opinions can evaluate a certain security concept, and harden
it that way. There is no need even to rely on someone else to
fix it - you can fix it yourself.

In MICROS~1 land, you give yourself entirely into the hand of a
corporation that is not interested in selling secure products,
but ANY products, so you can't be sure that with the next release
you can buy, a known security problem has been corrected - and if
new problems are just delivered the same way.

A counter-example is VMS. It is a commercial product, but highly
reliable and secure.

(Allthough, the sayings about the human being the weakest point
in security considerations applies there, too.)


-- 
Polytropon
>From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to