| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Is Open-Source Code Really Examined for Security Any More Than Closed-Source Software? | |
|
||
| Time: 18:55 EST/23:55 GMT | News Source: eWeek | Posted By: Robert Stein | ||
|
The usually simmering open source vs. closed source debate boiled over recently following the leak of Windows source code on the Internet. And it boiled over here too. Some 95 percent of the response to my column on the Windows source code leak and what it might indicate about the value of closed-source code as a security technique said that I didn't get the point: Since open source is open, it gets a better code review. Anyone can get the source, look at it and find problems in it. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 307 Last | Next |
The time now is
2:38:21 PM
ET.
Any comment problems? E-mail us |
| #1 By 21203 (4.5.32.137) at 2/24/2004 10:54:37 PM |
| Oh no ... not this again :) |
| #2 By 2332 (65.221.182.2) at 2/24/2004 11:29:56 PM |
| Excellent article. |
| #3 By 19992 (68.69.127.19) at 2/25/2004 8:04:58 PM |
|
Parker - I wouldn't say that there has been a huge drop in security bugs. I think that Win2K had something like 39 bugs in it's first year and Win2K3 has had 13 or so in the first 6 months (I haven't looked past October on that one). They are definately improving, but they've got a ways yet to go.
Linux has pretty much always had a new kernel each month. But, MS has also updated their "Core OS" consisting of IE, WMP and Windows (according to MS in court) once a month for awhile as well. I'm not sure what the hundreds of updates needed for applications has to do with the Linux kernel. There are just as many (maybe more) bugs in closed source applications as there are in open source applications. "I think VMS and OpenBSD sets higher standards for the underlying OS. But even they are becoming more insecure as they load up every buggy, insecure open source app onto the OS." Umm... VMS has been running open source software for many years, and OpenBSD is open source. |
| #4 By 7754 (216.160.8.41) at 2/25/2004 10:09:23 PM |
| I hope you're not equating the Linux kernel with Windows, IE, WMP, etc., happyguy. If you want to compare, you should be comparing the Linux kernel with the ntoskrnl. |
| #5 By 19992 (68.69.127.19) at 2/25/2004 10:44:55 PM |
|
bluvg - You're being to pedantic. A Linux kernel release includes alot more than just the kernel. If it didn't we'd be looking at a new kernel (about) every other month. If we count what goes into the Linux kernel release and applied it to the Windows world we'd have a new "kernel" about once a month as well.
This post was edited by happyguy on Wednesday, February 25, 2004 at 23:22. |
| #6 By 19992 (66.101.204.156) at 2/26/2004 8:42:33 AM |
|
#10 At least one of those critical updates is a cumulative update which I counted as three update. Also, I never differentiated between critical and important updates. I was going under the generic 'security updates' moniker for reasons such as this
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-045.asp It's a security bug, just not critical. Other than that, I agree with the rest of your post completely. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 307 Last | Next |
The time now is
2:38:21 PM
ET.
Any comment problems? E-mail us |
