Open-source is the Way to Go for Cyber Security

By CIOReview | Thursday, May 22, 2014

FREMONT, CA:  Steven J.Vaughan-Nichols, from ZDNet defends the efficacy of open-source software – in the backdrop of the discovery of OpenSSL security bug Heartbleed – by arguing that even proprietary software have security flaws.  

Vaughan-Nichols states that a company as big as Microsoft wouldn’t have released patches every month for its range of software solutions if there were no security concerns. Proprietary organizations such as Google, facebook, yahoo, Wikipedia, Twitter and Amazon all have been using open-source software. It is worthy to note that companies such as Adobe and Apple also have experienced security flaws in their proprietary software, he adds, reports ZDNet.

With the exception of Heartbleed, open-source programming is the best way to prevent security troubles says Vaughan-Nichols. The flaw managed to exist for longer time could be because of underfunding and laxity in checking the OpenSSL software as argued by him.

According to a study done by Coverity – a software vendor that develops testing solutions – it has been observed that open-source programs have fewer errors for every thousand lines of code compared to that of the proprietary ones. In other case, the Communications-Electronics Security Group (CESG), that tracks security flaws in operating systems and other software, has noted that Ubuntu 12.04, a linux variant for OS, is the most secure desktop. Comparing this to Microsoft’s Internet Explorer which has had a security flaw existing since the release of IE 6 through IE 11, it can hardly be argued that proprietary software can in away be not prone to errors.

The greatest power one gets with open-source platform is the uninhibited access to the code that is originally used to develop a software product. Programmers can view, edit and share it with others across the globe making it a healthy and prospective commodity. One can make changes to open-source software according to his needs and it works perfectly fine and the scope of improvement is unbounded. This flexibility and agility is absent in the proprietary software which are rigid and opaque in their characteristics. Vaughan-Nichols believes that Open-source is the best bet for developing secure software.