Fortify: open source software is a security risk for businesses

Posted Jul 22, 2008 14:42 UTC (Tue) by Gollum (subscriber, #25237)
In reply to: Fortify: open source software is a security risk for businesses by The_Pirate
Parent article: Fortify: open source software is a security risk for businesses

I hate self-serving generalisations as much as the next guy. But the point remains that you DO
get open source developers that do not care about security, and do not have the financial
incentive to care, either.

While it results in them losing any reputation that they may have, and it should be relatively
easy to find out about their attitude through public fora and mailing lists, etc., this is the
reality.

One example is SQL Ledger, IIRC (reported on LWN several times), which was forked because the
developers refused to address security problems.

Fortify: open source software is a security risk for businesses

Posted Jul 22, 2008 15:01 UTC (Tue) by michaeljt (subscriber, #39183)

If you care about security you should probably be getting your software from a third party who
takes care of these issues for you (Red Hat?) unless you know what you are doing. Trying to do
free (as in speech!) software on the cheap will get you the same results as doing anything
else on the cheap.

Fortify: open source software is a security risk for businesses

Posted Jul 24, 2008 9:31 UTC (Thu) by ekj (subscriber, #1524)

Sure you do. But you get -ANY- kind of software from developers that do not care about
security and have scant financial incentive to care. Really.

If you think otherwise, you ain't spent enough time in proprietary development-environments.

Copyright © 2012, Eklektix, Inc.