Bernd Eilers wrote:
John Rotomano wrote:
[...]
Though, I guess, since Ooo is open source it must be eaier to
discover security vulnerabilities, because any malicious person can
read the code and find holes
And every friendly person can find holes and fix them too or point
others to questionalbe code for for fixing. I believe most holes found
are found by security analysts not being on the "dark site of the
force" anyway. Thus it must be easier and faster to fix security
vulnerabilities in an open source enviroment ;-) And every friendly
person capable of doing some development can have a look at the source
or can have automatic test tools run on the source which makes the
source generally more stable and security holes less likely.
Just depends on how you look at it, doesn´t it. So how many people do
you think actually are on the "dark site of the force" and how many
good volunteers do we have?
You just have to look at the time between when a security hole is
being detected and an exploit (if ever) is being tried and try to get
security-fixes out as early as possible.
While this article is aimed at Linux vs Windows, it applies to
opensource vs closed in general. Ask yourself why Apache is more secure
than IIS.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
