Technic Dynamic is a source of education focused on the following categories of technology: Computer, Design, Gadgets, Networking, Security. Link: http://technicdynamic.com
Since Linus Torvalds and his Linux system, open source has grown considerably. But what is open source? It is the act of making the source code of software public. Open source is governed by a set of licenses, the best known of which is the GNU Public License. The source code is no longer the possession of a private person, a group of people, or a company, as was the case from the birth of the computer in the 1960s until the 1980s and 1990s. Large companies are now following the lead of independent developers and in turn offer professional-quality software as open source. But behind this intellectual ferment, what are the consequences for the security of open source projects?
The benefits
Multiple re-readings of the code
Whether student, professional or amateur, and whatever their level, methods, culture or nationality, any programmer has access to the code. They can read it to understand it and anticipate debugging. Through these cross-readings, many bugs can be detected. Among these bugs, some certainly affect the security of the software directly, such as buffer overflows. These are called application security holes.
Reactivity of open source
Another advantage of open source is that the community responds more quickly with bug fixes. It even happens frequently that the programmer who discovers a bug also proposes the patch to fix it when the information is made public. Traditional software companies take longer because their structure is more hierarchical, larger and less reactive.
The disadvantages
Multiple re-readings of the code
Multiple re-readings of the code can detect a greater number of security holes in software. On the other hand, it would be naive to think that all the security holes are seen! Software is becoming more complex, and some of it exceeds the overall view that a programmer can have of the whole. This is true of Linux: programmers are confined to writing patches for the modules they know best, and few people have a global view of all the pieces of code that make up the Linux kernel. If we add to this that there is a kernel for each OS, and that each OS behaves differently where secure programming is concerned ... In addition, among all the programmers in the world, few are qualified to read open source code looking for security holes. It is therefore quite conceivable that a security hole exists in open source software and that no one finds it for months, even years.
Open source is ... Open!
Making the code accessible to everyone is risky: if someone discovers a security hole, nothing prevents them from keeping it to themselves in order to profit from it in some way. A security hole can only be corrected if it is known. So as long as hackers keep their information to themselves, the targeted software will not be corrected. And that can take months.
Conclusion
Everyone knows that security based on a proprietary program is not safe: any hacker can disassemble the code to understand how the protection is implemented. That is a fact. This is why open source is generally considered more secure than proprietary code. As we have seen, it is not. The only fact that weighs in favor of open source is that a security bug is usually discovered more quickly and corrected more quickly.