Why is open source software generally considered more secure?

LolaBelle

More than once I’ve heard people say that if software is not open source, it isn’t really secure. Is there any truth to this, and if so, why?

Topic: Security

Answers

3 total
jimlynch
Vote Up (4)

Why Open Source Software is More Secure than Proprietary Software
http://www.junauza.com/2012/11/why-open-source-software-is-more-secure-t...

"If you see the immense success that Linux, Firefox, Android and other software have achieved over the years, it’s all thanks to the power of open source. What makes open-source software so great is that it is a result of selfless work of thousands of developers from around the world, who, in their free time, volunteer to create or help build their favorite applications.

Open-source software gives developers and users alike the ability to browse, modify, and redistribute the source code thus leading to more transparency. So, if a person X creates a particular software and he or she couldn’t manage to fix a bug, then someone from halfway round the world might spot that bug and help this developer. This is why a lot of people think that going the open-source way makes the software more reliable and secure."

becker
Vote Up (3)

“Given enough eyeballs, all bugs are hollow.” - Linus Torvalds

Because the source code is open to everyone to inspect, there is a greater chance that someone will identify backdoors, security holes, bugs, etc. Of course, for this to be true, there have to be more eyes on it, so if Joe Schmo writes some piece of open source software and no one ever sees it, there would be no security benefit to being open source. However, for major projects such as Firefox, GIMP, Python, etc., there are going to be LOTS of eyeballs.

tshingking
Vote Up (2)

Mac OSX is a secure platform I have been using for years, although it's not open sourced. The reason why open source software is more secure is that there are a lot of people digging into the source code, hence, chances are higher than proprietary software for finding bugs.
