[FYI] MS: "Closed source is more secure"



http://www.theregister.co.uk/content/8/18286.html

------------------------------- CUT -------------------------------

Closed source is more secure -- MS  

By: Kevin Poulsen  

Posted: 13/04/2001 at 08:27 GMT  

The head of Microsoft's security response team argued here Thursday 
that closed source software is more secure than open source projects, 
in part because nobody's reviewing open source code for security 
flaws.  

"Review is boring and time consuming, and it's hard," said Steve 
Lipner, manager of Microsoft's security response center. "Simply 
putting the source code out there and telling folks 'here it is' 
doesn't provide any assurance or degree of likelihood that the review 
will occur."  

The comments, delivered at the 2001 RSA Conference, were a challenge 
to one of the tenets of open source, that 'with many eyes, all bugs 
are shallow.'  

[...]  

Lipner closed by warning that the nature of open source development 
may lend itself to abuse by malicious coders, who could insert devilishly 
clever 'trapdoors' in the code that escape detection, hidden in 
plain sight.  

[...]

------------------------------- CUT -------------------------------