Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 3 Jun 2009 18:50:39 +0200
From:      Polytropon <freebsd@edvax.de>
To:        Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
Cc:        Glen Barber <glen.j.barber@gmail.com>, cpghost <cpghost@cordula.ws>, freebsd-questions@freebsd.org
Subject:   Re: Open_Source
Message-ID:  <20090603185039.54cdd820.freebsd@edvax.de>
In-Reply-To: <alpine.BSF.2.00.0906031820220.52712@wojtek.tensor.gdynia.pl>
References:  <4ad871310906020843n3e7dc96ap28d5d622e844abf1@mail.gmail.com> <alpine.BSF.2.00.0906021757290.2065@wojtek.tensor.gdynia.pl> <20090603004914.73f40a60@gluon.draftnet> <alpine.BSF.2.00.0906030848330.49751@wojtek.tensor.gdynia.pl> <20090603091800.GA1177@phenom.cordula.ws> <alpine.BSF.2.00.0906031120260.50636@wojtek.tensor.gdynia.pl> <20090603102720.GB1349@phenom.cordula.ws> <alpine.BSF.2.00.0906031310420.51077@wojtek.tensor.gdynia.pl> <20090603133343.GB1988@phenom.cordula.ws> <4ad871310906030653o62d7e708w1a7be44334ab8dab@mail.gmail.com> <20090603152939.GF1988@phenom.cordula.ws> <alpine.BSF.2.00.0906031820220.52712@wojtek.tensor.gdynia.pl>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 3 Jun 2009 18:21:28 +0200 (CEST), Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> wrote:
> open source - just by being opensource - can't guarantee anything more 
> that availability of sources.
> 
> It's important to stay away of all that hype that opensource programs are 
> just better.
> 
> Many are, many not.

I'd like to add that IF security problems get discovered in OSS,
it's usually just a matter of few time that this problem gets
corrected. This is mostly because the public is able to look at
the source code, so many programmers with different approaches
and opinions can evaluate a certain security concept, and harden
it that way. There is no need even to rely on someone else to
fix it - you can fix it yourself.

In MICROS~1 land, you give yourself entirely into the hand of a
corporation that is not interested in selling secure products,
but ANY products, so you can't be sure that with the next release
you can buy, a known security problem has been corrected - and if
new problems are just delivered the same way.

A counter-example is VMS. It is a commercial product, but highly
reliable and secure.

(Allthough, the sayings about the human being the weakest point
in security considerations applies there, too.)


-- 
Polytropon
>From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090603185039.54cdd820.freebsd>