Julien Vehent on 23 May 2011 13:26:03 -0700



Re: [PLUG] Microsoft's Many Eyeballs?


On Mon, 23 May 2011 16:08:39 -0400, Stephen Slaughter wrote:
What do you folks think about this article?


http://blogs.msdn.com/b/shawnhernan/archive/2010/02/13/microsoft-s-many-eyeballs-and-the-security-development-lifecycle.aspx

Is it true that open source code is reviewed by many fewer eyes than
we might think?

I'm dubious about the opinion of this article (i.e., proprietary code
from Microsoft is more secure) considering it was written by a
Microsoft developer; however, people who think Linux is more secure
are usually Linux developers and enthusiasts.

Can anyone point me to an impartial opinion on this subject?



FUD.
Microsoft has been doing closed source development for almost 40 years, and so far they didn't prove they could provide code free of bugs or security issues.

I see people coming from nowhere proposing patches to open source projects (not only security patches, all sorts of patches); that's the strength of the Open Source model. OpenSSL, for example, is ultra secure partly because of the many reviewers that have access to the source. Now, the code is beefy, and reviewing is hard, but it happens, and probably more often than at Microsoft.



Julien

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug