Feldman Explains Open Source, I Ponder his Approach

April 24, 2006 · Posted by Jordan Frank

In a multi-part series published in KM World magazine, David Feldman is explaining Open Source software and the dynamics of the groups who support it. The developer group organizations are as interesting to understand (see Bob Wolf reference in Collaboration - Yesterday, Today & Tomorrow - Boston KM Forum) as where open source will make its biggest mark (open source tools vs. operating systems vs. applications, for example).

Feldman makes a case that since the developers are typically the users of open source software, the interfaces and ease of use are not a primary focus for development, whereas commercial software providers may sacrifice stability and security for features and quick releases.

These are good examples and a lens through which to view open vs. closed source applications. However, when considering security, relative security that is, other key factors may include the size of the effort, the number of deployments of the software, and the market's emotional profile toward the software.

A study by Coverity described in CNET News.com tells us that across 32 open source projects, an average of 0.434 bugs per 1,000 lines of code was found. However, looking only at the LAMP stack, only 0.29 bugs per 1,000 lines were found. So, it would appear that larger open source efforts result in higher software quality.

I am looking for a study on security considerations for the various operating systems. My own experience when in Operations at a Content Distribution Network provider was that our Linux servers, over 100 distributed globally, were attacked regularly and compromised several times. By contrast, our Solaris servers were rarely attacked and never compromised.

My presumption is that Linux code is better known and, therefore, more easily targeted. On the other hand, in the case of Microsoft Windows, the market profile is such that hackers like to target it and have done so quite successfully.
