Secure Coding mailing list archives
Insecurity in Open Source
From: Ken at krvw.com (Kenneth Van Wyk)
Date: Tue, 10 Oct 2006 12:02:10 -0400
FYI, there's an interesting opinion article in Business Week by Coverity's CTO, Ben Chelf (see link below). In it, he discusses the results of their scanning of a significant sampling of both open- and closed-source projects. Chelf compares some special purpose proprietary software security/quality with the best of what's out in the open source world. Further, he opines that the open source guys need to adopt far more rigorous QA testing in order to compete with the best of the proprietary source world.

I'm passing this along not to launch into the invariable religious debates of closed- vs. open-source, but to encourage discussion about Chelf's claims with regards to rigorous QA testing.

Anyway, here's the article.

http://www.businessweek.com/technology/content/oct2006/tc20061006_394140.htm?campaign_id=bier_tco.g3a.rss1007

Cheers,

Ken

-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com