US pays to make open source safer

The U.S. Department of Homeland Security has recently pledged one million dollars (read in a Dr. Evil voice) to fix security bugs in open source projects like Linux, Apache and Mozilla. Stanford University and Symantec are going to do the work. On the one hand, I think that is a nice (but token) gesture of support for open source as a national (dare I say planetary?) asset. On the other hand, from a security standpoint, I would say that open source already has a distinct advantage over proprietary software because there are more people looking at the code and its flaws ("Given enough eyeballs, all bugs are shallow"). For example, I would not vote on an electronic voting system whose source code was not exposed to public scrutiny. So why single open source software out? I wonder what the government can do to make proprietary software more reliable and secure because, if you look at the security alerts, that is where the majority of problems seem to be. Then again, I am not sure that I want the government to have any influence over code that I cannot see, in light of the recent trends regarding privacy.

One Response to “US pays to make open source safer”

  1. Mike Babcock says:

    Assuming the government were equally willing to help secure Apache and IIS, why would it offer cash to a multi-billion dollar company to help secure its privately held software?

    Government funding shouldn't be designated for such things, despite how often it is in military and medical cases. Government funding should go to research and design that is publicly designated. Free Software fits that moniker well.
