Secure Coding mailing list archives

Insecurity in Open Source


From: Ken at krvw.com (Kenneth Van Wyk)
Date: Tue, 10 Oct 2006 12:02:10 -0400

FYI, there's an interesting opinion article in Business Week by  
Coverity's CTO, Ben Chelf (see link below).  In it, he discusses the  
results of their scanning of a significant sampling of both open- and  
closed-source projects.

Chelf compares some special-purpose proprietary software security/quality
with the best of what's out in the open source world.
Further, he opines that the open source guys need to adopt far more  
rigorous QA testing in order to compete with the best of the  
proprietary source world.

I'm passing this along not to launch into the invariable religious  
debates of closed- vs. open-source, but to encourage discussion about  
Chelf's claims with regard to rigorous QA testing.  Anyway, here's
the article.

http://www.businessweek.com/technology/content/oct2006/tc20061006_394140.htm?campaign_id=bier_tco.g3a.rss1007

Cheers,

Ken
-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com



