Trend Micro: Open source is more secure
Results 1 to 3 of 3

Thread: Trend Micro: Open source is more secure

  1. #1

    Trend Micro: Open source is more secure

    Trend Micro: Open source is more secure
    http://news.zdnet.com/2100-1009_22-6083490.html

    We've known this when each and everyone of us started using open-source...Apparently, we need some "security company" to acknowledge this as well.

    "Open source is more secure. Period," Raimund Genes, chief technical officer for anti-malware at Trend, said.
    Is this news? Not really. But its kind of odd, isn't it?

    On one hand, you have a company like Kaspersky Labs delibrately putting out FUD and statistics that they pulled out of their arse, to scare open-source users...And then you have Trend Micro, acknowledging that open-source is a better way to go, in regards to security. Of course, they end the article with a bit of Microsoft arse kissing.

    "Microsoft is on the right track. It's now promoting access control, which was introduced by Unix. No one thinks of running Unix in root," Genes said.
    No $hit.

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    It frankly amazes me that these people actually find employment, let alone apparently senior positions?

    Mind you, it is Zdnet, so I will not be too critical of the guy, as he may well have been quoted out of context?

    "Open source is more secure. Period,"
    Would that be security through obscurity or security through unpopularity then? For example, I have an Acorn Archimedes PC, it runs the RISC OS which is closed source. It is a damn sight more secure than any Unix distro; and that is certainly not by design.

    Let's face it, there are no credible statistics or metrics by which "security" can be measured in absolute terms. And please don't bother to mention security models and standards. Systems are as secure as their administrators and users make them.

    A good example of this is the recent loss of Veteran's personal data............anyone care to mention a PC OS that would have prevented that?...............The employee broke the rules.

    Another thing to think about is that closed source mainframe OSes are pretty secure as are closed source Unix distros, and even OSX. So what did the guy really mean by "open source"?

    More people working on it.............perhaps, but divided amongst all the distros, and they are not getting paid?.....................given that the open source community has never undergone the levels of attack that closed source has, the whole concept is pretty academic and speculative?

    "Microsoft is on the right track. It's now promoting access control, which was introduced by Unix. No one thinks of running Unix in root," Genes said.
    I am willing to bet that if the number of Windows and Unix users were reversed, you would have pretty much the same number of people running as root as currently run as administrator. Assuming of course, that they new how to.

    Anyway the last quote is pretty crass, if you look at the history....................

    DOS was designed as a stand alone single tasking OS. Windows was just a fancy GUI stuck on the top of it. It wasn't until Windows for Workgroups 3.11 that networking was really thought about. So access control was never an issue to begin with. Win 95/98/ME were designed as single user, home user systems..................they were never intended to be "secure"

    Access control has been a part of Windows since NT 4.0, which is not what I would describe as "now" and they were intended to be multi-user systems.

    Unix predates PCs and comes from a multi-user mainframe background. Of course it had access control. So do other mainframe OSes, and for the same reasons.

    I really don't think that article brings anything to the table other than a bit more sensationalism for Zdnet

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    Would that be security through obscurity or security through unpopularity then?
    Idunno. Which car would you rather strap your kids into, a 1974 pinto
    or a 2006 volvo? What I look at is the track record. How many volvos,
    on average, burst into flames every day?

    Systems are as secure as their administrators and users make them.
    Yeah. I could weld 4 inches of armor plate on the back of that pinto...

    the open source community has never undergone the levels of attack that closed source has
    You can't be serious. People are highly motivated to attack open source. Ballmer
    has 1000s of his little munchkins hackain away as we speak. Nobody
    HaX0Rs windozz any more. That was so nineties....
    I came in to the world with nothing. I still have most of it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides