Open Source Security: Still a Myth
Subject:   The heart is too far near the end
Date:   2004-09-17 10:32:52
From:   aaronbarlow
From the article,

"In the end it doesn't matter if open source systems tend to be more secure than proprietary systems, because on the whole they aren't yet coming close to being 'secure enough.'"

I think that this should have been the thesis of the article. Rather than focus on the difference between MS and Open source, which is a bit of a generalization on both sides, I think the article should have focused on what the Open source community could do to produce software that is "secure enough" (if there ever can be such a thing). Is there a way to leverage those many eyes into producing a more secure profuct? Why is extreme programming less secure? How do we produce open source security programming experts?

Secure software seems to be the contest that everyone is trying to win. I would rather read about how to win more than who is in the lead.

-- Feel free to ignore my opinions. They're ignoring you already.