An analysis being presented this week says open source software is exploited
faster and more effectively than proprietary solutions.
Even so, the author of the study, Sam Ransbotham of Boston College, stops
short of saying open source is less secure than proprietary software, for a
variety of reasons:
- More vulnerabilities tend to be caught pre-release in open-source
software, so there are fewer opportunities for exploitation.
- The types of vulnerabilities may be of differing importance. Ransbotham
said it was possible the vulnerabilities found in open source were "shallower"
and less important than those in proprietary software.
- Intangibles in the different types of software - not proprietary vs open
source, but rather what the software does - that make some vulnerabilities
easier to exploit than others.
- Just as the code being open source can make it easier for those who
exploit the vulnerabilities, it can make the job easier for those who would
patch them.