While clearly closed source is no more likely to be randomly secure than open source, the fact that the source is available for open source (by definition!) does perhaps change the equation a bit. The question I have ZERO data to answer is:
Are more vulnerabilities found by attacking the executing code, or by examining the source and finding holes? I'd be unsurprised to find either that there is extensive research on this, or that nobody has analyzed it at all. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
