11 April 2007

Security in Numbers (105, to be Precise)

One of the oldest canards is that open source can't be secure, because crackers are able to see the source code and exploit it. Good to see a journal dedicated to security doesn't buy it:

Open source applications make their source code publicly available for any user to download, compile and execute. This makes it possible for developers to modify different aspects of the program to their needs. However, it also makes it extremely easy for malicious coders to find and use exploits in the software against unsuspecting users.

To prevent this from happening, open source software employs some of the highest forms of security around, and when it comes to open source security applications, that bar is set even higher. After all what good would a network firewall or intrusion detection system be if a user were able to penetrate the system because of an exploit in the source code?

It follows this up with a handy list of 105 open source security apps (although I'm not quite sure if all are pure free software, or whether some just run on things like GNU/Linux). Anyway, a useful starting point.

No comments: