Paul Walker on 23 May 2011 15:51:53 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Microsoft's Many Eyeballs? |
On Mon, 23 May 2011 16:08:39 -0400, Stephen Slaughter wrote:
What do you folks think about this article?[1]
http://blogs.msdn.com/b/shawnhernan/archive/2010/02/13/microsoft-s-many-eyeballs-and-the-security-development-lifecycle.aspx
Is it true that open source code is reviewed by many fewer eyes than
we might think?
I'm dubious about the opinion of this article (i.e.. proprietary code
from Microsoft is more secure) considering it was written by a
Microsoft developer; however, people who think Linux is more secure
are usually Linux developers and enthusiasts.
Can anyone point me to an impartial opinion on this subject?
FUD.
Microsoft has been doing closed source development for almost 40 years, and so far they didn't prove they could provide code free of bugs or security issues.
I see people coming from nowhere proposing patches to open source projects (not only security patches, all sorts of patches), that's the strengths of the Open Source model.
OpenSSL, for example, is ultra secure partly because of the many reviewers that have access to the source. Now, the code is beefy, and reviewing is hard, but it happens, and probably more often than at microsoft.
Julien
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug