Monday, June 7, 2010

Is Open Source Safe?

From PC World - Security and Open Source Programs http://www.pcworld.com/article/197789/open_source_safe.html?tk=rss_howto

Daniel T's IT department won't let him use open source because they feel that it is a security risk. Experts at PC World reply that it is not a security risk, and that it is safer than closed source programs.

Important points from this article:

Open source program (definition):
  • source code open to anyone to study or improve upon
  • it is free and often public domain
  • Linux, OpenOffice, and Mozilla Firefox are examples of popular open source programs

2 open source security programs mentioned by the author: Password Safe and TrueCrypt. "I wouldn't trade them for anything."

Quote from security expert Bruce Schneier (1999): "Public security is always more secure than proprietary security...For us, open source isn't just a business model; it's smart engineering practice."

PC World also notes that the security of open source code is enhanced because many experts are examining it. This would be very expensive with proprietary software because the only people who can access the code are those on the payroll.

Makes sense to me. When I was a programmer for ACS, nobody saw our code except the programming department. When a programmer left the department, then his/her replacement had to become familiar with the code written by the previous programmer. If the code was written very badly, this could take days, weeks even. If the replacement was a contracted programmer (hired only on a job by job basis), then the cost of maintaining/updating the program skyrocketed. Also, we didn't have a lot of people checking the source code of others for quality because we didn't have the available manpower.

My point: I think that the quality of source code can be greatly improved through open source, and, hence, so can the security.
