Secure Coding mailing list archives
Fwd: I don't beleive open source is always the answer
From: "Joe Teff" <joe () joeteff com>
Date: Thu, 11 Dec 2003 12:15:31 +0000
Although I'm an avid fan of open source, I have a huge problem with that model when it comes to enterprise solutions. The argument that bugs are researched and fixed quicker for open source is not completely true. They definitely are if one of the contributors is interested in that specific area. However, there is nothing compelling anyone to fix a specific issue. If it is fixed, the fix occurs in one of the builds. There is no back patching of supported versions. In order to get a fix as soon as possible, you also have to take many other changes that may or may not be complete, safe or tested. Waiting for a milestone build that is fairly stable and has sufficient use to shake out most of the bugs does not occur any more often than commercial releases from a vendor. The idea of taking the source and making your own change is also unrealistic. Since this list is all about security, I know everyone here would agree that any such change would require a great deal of testing. You've then just made the solution your own product to support. joe teff -----Original Message----- From: Stephen Galliver <[EMAIL PROTECTED]>
I wonder if these issues point to the ultimate advantage of the open source paradigm: that software is released when it is ready, not rushed out the door to corner market share.
Current thread:
- Fwd: I don't beleive open source is always the answer Joe Teff (Dec 11)
- Re: Fwd: I don't beleive open source is always the answer David M. Wilson (Dec 11)
- Re: Fwd: I don't beleive open source is always the answer Joe Teff (Dec 12)
- Re: Fwd: I don't beleive open source is always the answer George W. Capehart (Dec 11)
- Re: Fwd: I don't beleive open source is always the answer Martin Stricker (Dec 11)
- Re: Fwd: I don't beleive open source is always the answer der Mouse (Dec 12)
- Message not available
- Re: Fwd: I don't beleive open source is always the answer Joe Teff (Dec 12)
- Re: Fwd: I don't beleive open source is always the answer David M. Wilson (Dec 11)