begin oe_protect.scr
Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
> Open source software and security
>
> ,----[ Quote ]
>| Open source advocates have argued that open source software is
>| inherently more secure because fixes for uncovered design flaws
>| are quickly distributed and made available. They further argue
>| that early and intense code review promotes the development of
>| better quality code.
>|
>| [...]
>|
>| So, with regard to supporting security policies, components of your IT
>| infrastructure should be selected based on the soundness of their design,
>| the commitment to security demonstrated by the vendor, and the
>| functionality required to support those policies, not the software
>| development model that produced it.
> `----
>
> http://opensourceblog.itproportal.com/?p=210
There is a key, further, issue here. For proprietary software, a
customer is entirely beholden to the supplier to fix it. Should the
supplier not fix it for some reason, there's little which can be done to
ameliorate the problem. Some will argue that they can be taken to
court, however, in the meantime, your problem is there and it's probably
costing money, but perhaps they've gone out of business, or just decide
to "end of life" the object in question.
If you're using foss, then the above problem cannot occur, because you
are able to find an alternative supplier to fix your problem for you, or
even do it yourself if you have the resources.
The key is that proprietary means you, the customer, have zero control,
whereas foss means that you, the customer, have complete control.
--
| Mark Kent -- mark at ellandroad dot demon dot co dot uk |
Save gas, don't eat beans.
|
|
