[clug] Anti-Virus Software
daniel at rimspace.net
Sat Jun 26 20:39:56 MDT 2010
Paul Wayper <paulway at mabula.net> writes:
> On 06/25/2010 01:16 PM, Kevin Pulo wrote:
>> On Fri, Jun 25, 2010 at 12:24:41PM +1000, Paul Wayper wrote:
> Open Source Software makes an additional assertion: that everyone can
> inspect it freely. This has proven to reduce the chance of really obvious
> backdoors slipping into the code, and increases the quality of the code
> because more people see different problems and because shoddy code is
> exposed quicker.
Hey, excellent. I would be really interested, if you could point to them, to
see the studies that prove that OSS has reduced the chance of backdoors
getting in, and that it improves code quality.
I am interested, in large part, because the studies I am aware of seem to keep
coming up with approximately the same bugs-per-line metrics as closed
software, and so on, so I don't feel comfortable personally making a claim
that OSS is any better than CSS.
> Proprietary software can never make this claim.
Sure it can; one of the most trivial ways is this:
While OSS projects make their source code available to a wide audience,
the skills required to perform security auditing are extremely rare, and
the structure of the OSS development process means that people with those
skills may not have any voice in the community.
OSS development encourages a wide range of people to commit to the source
tree without any central review or quality control process. While
individual projects make some efforts, the average project is very much
catch as catch can — allowing closed-source projects to take the quality
lead by enforcing good development practices.
Now, they may not be /supportable/ claims, but they are certainly possible,
and absolutely can be argued to reduce the chances of an (obvious) back-door
slipping into the code, or to reduce the chances of shoddy code getting in.
✣ Daniel Pittman ✉ daniel at rimspace.net ☎ +61 401 155 707
♽ made with 100 percent post-consumer electrons