[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: NSA Connection to SE Linux (fwd)



Disillusioned rearranged electrons thusly:

> This sparks it again. Can open source software be secure ?

Sendmail is secure.  Postfix is secure.  The linux kernels are quite secure
(with patches to increase security even further).

With stuff like hp-ux (say), or worse, Microsoft, everything is closed source -
you have to depend on the vendor to release patches and service packs, and you
dont know WHAT the patch / service pack will do, you have to blindly plug it in
and hope that something new has not broken.

With open source -

1. Security holes are discovered early - and patched within hours or days (try
getting that kind of lead time from M$ or Sun or ....)

2. You +know+ what the security patch does as the code is in front of you (of
course, reading the code and understanding it is a totally different story ...)

Of course, not all open source software comes with a "security guarantee" of
any sort.  You take what you get.  But then, there's even less guarantee with
closed source stuff.

I'll leave it to you to decide on the security of open source software now.
 
	-s

-- 
Suresh Ramasubramanian  <-->  mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin