> This is a good argument for using FLOSS (free licence open source software)
> as much as possible. The points being (a) since source code is fully open to
> scrutiny, problems can be researched by many people - there are more white
> hats than black hats out there; (b) issues which are detected tend to be
> fixed PDQ in comparison with similar issues in proprietary software.

Research by Ross Anderson's group at Cambridge, staunch supporters of free software, surprised him and his colleagues when they satisfied themselves that the claim above has very little support in reality. Their detailed analysis showed that the availability of source code aids the bad guys just as much as it does the good guys. Unavailability of source code hinders the bad guys just as much as it does the good guys.

Summary: availability of source code makes no difference from the point of view of availability of security vulnerabilities and their exploitation.

I leave open the question of whether open source has other advantages.

Paul
_______________________________________________
Prime mailing list
[email protected]
http://hogranch.com/mailman/listinfo/prime
