Language Selection

English French German Italian Portuguese Spanish

Open Source vs. Windows: Security Debate Rages On

Filed under
Microsoft
OSS

It's a topic of fierce debate among high-tech cognoscenti: What's more secure -- "open source" code such as Linux and Apache, or proprietary "closed source" operating systems and applications, Microsoft's in particular?

The regularity with which Microsoft has taken to announcing vulnerabilities and consequent software fixes has left few cheering about its security. In contrast, high expectations endure for open source, with proponents arguing that it's inherently more secure because a much larger set of developers can read the code, vet it and correct problems.

"I'm struggling to think of anyone who would argue the other way," says Adam Jollans, chief Linux technologist at IBM Latest News about IBMSoftware Group.

"Discovery is different in the open source and closed source approach," Jollans says. "Because source code is visible to lots of people, if there is a security issue, it tends to be spotted earlier. The open source community isn't shy about criticizing bad code."

Thus, open source developers are "more able to respond quickly and to use new and more secure techniques. Because they perform for peers' kudos, this, too, behooves them to perform well," Clarke says.

"Open source development is centered around operating systems designed many years ago with security and Internet connectivity as a base requirement," he adds.

Open source is foremost an "ethos" that "is precisely the best social environment for the best development of anything," Clarke maintains. "By contrast, the principle culprit of poor security, Microsoft, has several major issues with producing secure code."

Microsoft seems lax to security threats," says Robert Swiercz, managing director of the Portal of Montreal, the city's Web site. "I have less and less ability to trust them." He, too, expresses confidence in the open source community, saying, "This is where the solutions are coming from."

However, some call these assumptions into question and assert there's a lack of accountability in fixing open source. A number of research firms are ready to puncture the belief that open source is by its very nature superior.

Other I.T. managers say they like a lot of open source security tools and applications but corporate policies prevent them from using them.

"We don't do open source because my lawyer says there's no one to sue," says Phil Maier, vice president of information security at Inovant, Visa's technology deployment division. "The lawyers had the final say."

Full Article.

More in Tux Machines

Raspberry Pi imitator has GbE, 2GB RAM, and 4K video

Asus has launched a RPi-like “Tinker Board” that runs Debian and Kodi on a quad-core 1.8GHz -A17 RK3288, and offers 2GB RAM, GbE, 4K video, and 40-pin GPIO. The rumored Asus Tinker Board is finally for sale at Farnell in the UK, with a footprint, layout, and features that are very close to that of the Raspberry Pi, including the much copied 40-pin expansion connector and a Debian Linux image. The quad-core SoC and onboard wireless further reminds one of the Raspberry Pi 3. Read more

FastComputer: Fussy but Fixable

Let's assume that the developer soon will issue an updated or fixed version so the Network Manager will work outside a Virtual Machine window. That will give FastComputerLinux a shot at being more useful to those who want a good out-of-the-box simple OS solution. I am not sure that this distro's name is an indication of speedy performance. I tested it on several machines looking for speed. As expected, the live session DVD was very sluggish. It was much peppier on the VM. I was expecting a little bit better speed performance on my test gear with a hard drive installation. Read more

Linux Kernel 4.9.5 Released with Updated Radeon Drivers, KVM and PPC Fixes

A new maintenance update of the Linux 4.9 kernel series was announced today by renowned Linux kernel maintainer and developer Greg Kroah-Hartman, versioned 4.9.5. Coming only five days after the previous point release, Linux kernel 4.9.5 appears to be a big milestone that changes a total of 132 files, with 1515 insertions and 821 deletions. There are numerous improvements implemented in this fifth Linux 4.9 maintenance update, but first we'd like to remind you that Greg Kroah-Hartman recently marked this kernel branch as long-term supported (LTS), yet this is not apparent from kernel.org. Read more

Linux-based IoT gateway certified for Azure

IonSign’s “Gluon GMU491 Cloud Gateway” runs Debian on a TI Sitara SoC and aggregates multiple sensor and Modbus inputs for Azure and AWS. Finland-based IonSign has begun shipping an IoT gateway billed as a “complete industrial grade production unit for data collection and edge computing.” The Debian Linux based Gluon GMU491 Cloud Gateway is designed for collecting sensor, meter, fieldbus, or automation system data and packaging it for direct delivery to commercial cloud platforms. Read more