Foreign Policy magazine has a fantastic piece of FUD on open source software which is “enchanting” the public sector around the world…
Across the globe, politicians are embracing open-source software with grand pronouncements and great expectations. Although they are correct to identify potential benefits, software is far more complicated than their talking points, and it may disappoint those with outsized hopes.
The bloggers at InfoWorld have set about debunking some of the technical points:
Benner[, the author] misunderstands the security benefits open source offers. It’s not that open source is inherently more secure - it is, after all, just software that someone has written, just as proprietary software is.
The real difference is in the visibility both “good guy” developers and hackers have into the source code. If someone cracks a security flaw in Linux, for example, I don’t need to wring my hands and wait for Microsoft to fix it (at their leisure, and when it’s good for their quarter). Instead, any active Linux user with competency can report and/or fix the problem. It is the breadth of the developer population available to fix a problem - 24 hours/day, 365 days/year - that is arguably open source’s great security asset.
It’s also worth pointing out that the article gives the following information on the author…
From 2001 to 2003, Ms. Benner was a consultant with the geopolitical policy and strategy group at Microsoft.
Before beating up on open source’s reputation for security, perhaps she should check with her old employers, who this week announced the inclusion of an open source security feature in Vista that will help fend off automated malware attacks.
While we’re on the subject, China this week announced that all future acquisitions of computer hardware must be Linux compatible and the German region of Saxony’s tax office’s switch to Linux started in earnest last week.