
CollabNet CTO offers his two cents...
By Sylvia Carr
Published: 15 November 2004 16:30 GMT
Which software model is more secure - open source or proprietary?
In a recent interview with silicon.com, CollabNet founder and CTO Brian Behlendorf weighed in on the debate: "It ends up being a wash," he said, meaning each side has its advantages and disadvantages and neither is clearly more secure.
The fact that open-source code is audited by many eyes is an advantage in finding security holes, but this same practice also makes it easier for individuals to find weaknesses to exploit than it is in proprietary software, he said.
Behlendorf has worked on both sides of the software world - CollabNet sells software development tools as a service and he was co-founder of the open-source Apache Web Server Project. So his moderate view seems appropriate.
But he does reveal an open-source bias. "My hunch is that most commercial software companies don't put the effort into" security until there's bad PR. "In the open-source community there's a lot more hesitancy to put something out there that could be used unintentionally to create a problem."
In the end, the real difference between the two models, he said, was the seriousness of the bugs: "[Open-source projects such as] Apache, Subversion and Mozilla - they all have their fair share of holes. But if you look at the bug reports you'll notice the severity of the holes in the OS stuff tends to be less [than in commercial software]."
Overall, though, he added, the "state of security" is getting better for both types of software, with bugs becoming less severe across the board.
You can read more about CollabNet and Brian Behlendorf in silicon.com's profile piece, based on a recent interview.
Copyright © 2008 CBS Interactive Limited. All rights reserved.