Monday, March 2, 2009
Open Source: Is it safer?
Open source software means that the code used to create the program is publicly known, not hidden like the code of most software packages a person would pay for. Open source programs, such as the web browser Mozilla Firefox and Linux-based operating systems, claim to be safer than their counterparts, Microsoft's Internet Explorer and Microsoft Windows. What makes these programs safer, when there are teams of professionals working on Microsoft's products?
Most security issues arise because of a bug in a certain program. These bugs, such as buffer overflows, allow an ill-meaning person to exploit the error in the code and force the program to do something the developer did not intend it to do. These bugs are common, and every single program has them. Therefore, it is not how many bugs a program has that determines the security of the software, but how the bugs are dealt with and how easy it is to find them.
When a company hides the code of the software, it becomes difficult for the end user to find where an error in the code is if one occurs. Yet end-user use is where most bugs surface, because it is impossible to simulate every possible use of the program before it becomes available to the public. The user simply sends a report to the software vendor, and the vendor tries to recreate the exact situation to find the bug. Unfortunately, this is not always possible, because a program has an almost infinite number of directions it can go in, constantly changing variable values along the way. However, if the code is publicly available, the end user can debug the software exactly when the error occurs, increasing the probability that the bug can be found. Since more people are looking for bugs than in software where the code is hidden, the time it takes for a bug to be fixed greatly decreases. In fact, according to independent tests, Internet Explorer was unsafe for 284 days in 2006 while Mozilla Firefox was unsafe for only 9. Sometimes the best things in life really are free.