I almost burst out laughing



Barrucadu
March 22nd, 2008, 09:26 PM
Someone just told me that Windows is much more secure than Linux because Linux is open source and very few people are allowed to see the Windows source code...

Aren't they the two reasons usually given for saying why Linux is more secure?

bruce89
March 22nd, 2008, 09:28 PM
They must be under the (understandable) impression that anyone can edit the source code like Wikipedia. Of course this is rubbish, but it's what people think.

I'm sure you know the phrase "given enough eyeballs, all bugs are shallow".

JacobRogers
March 22nd, 2008, 09:42 PM
They must be under the (understandable) impression that anyone can edit the source code like Wikipedia. Of course this is rubbish, but it's what people think.

I'm sure you know the phrase "given enough eyeballs, all bugs are shallow".

I've never heard that phrase before and I'm having trouble inferring what it means from context. What does that phrase mean?

keykero
March 22nd, 2008, 09:43 PM
It means phpBB is extremely secure because it's open source.

Lord Illidan
March 22nd, 2008, 09:45 PM
From http://catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/ar01s04.html

Linus was directly aiming to maximize the number of person-hours thrown at debugging and development, even at the possible cost of instability in the code and user-base burnout if any serious bug proved intractable. Linus was behaving as though he believed something like this:

8. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone.
Or, less formally, "Given enough eyeballs, all bugs are shallow." I dub this: "Linus's Law".
My original formulation was that every problem "will be transparent to somebody". Linus demurred that the person who understands and fixes the problem is not necessarily or even usually the person who first characterizes it. "Somebody finds the problem," he says, "and somebody else understands it. And I'll go on record as saying that finding it is the bigger challenge." That correction is important; we'll see how in the next section, when we examine the practice of debugging in more detail. But the key point is that both parts of the process (finding and fixing) tend to happen rapidly.

Barrucadu
March 22nd, 2008, 09:47 PM
Here is the exact quote.


That is the advantage of using an open-source software such as ubuntu. The disadvantage is tho you have no idea what is being added to it as it is not regulated. Windows are still one of the most secure operating systems available along with Mac. Why? Because experts make it. And are paid a lot to make it.

bruce89
March 22nd, 2008, 09:52 PM
Here is the exact quote.
That is the advantage of using an open-source software such as ubuntu. The disadvantage is tho you have no idea what is being added to it as it is not regulated. Windows are still one of the most secure operating systems available along with Mac. Why? Because experts make it. And are paid a lot to make it.

Hmm, they obviously have no idea of the way FOSS operates. As you know, not just anyone can change the master version of the source code.

A fairly high amount of FOSS is written by people who are paid for it (Ubuntu developers for instance). Which code do you trust, code written by someone passionate about what they are doing or code written at 16:45 on a Friday by a bored developer who can't wait to go to the pub?

Also, Ubuntu isn't software, it's a collection of other people's.

Bruce H. McCosar
March 22nd, 2008, 09:52 PM
Because experts make it. And are paid a lot to make it.

Experts also made the Hindenburg.

Megatog615
March 22nd, 2008, 09:54 PM
It means phpBB is extremely secure because it's open source.

phpBB is terrible. Whether your software is open-source or not, it can still suck.

IsawSp4rks
March 22nd, 2008, 09:56 PM
It means phpBB is extremely secure because it's open source.

Sarcasm? I've heard of phpBB forums decimated with exploits.

tvtech
March 22nd, 2008, 09:59 PM
I had a fully qualified Cisco certified MCSE/MCSA certified technician at my place of work tell me, and I quote, "we can't allow open source into this facility because it's inherently insecure since the hackers have direct access to the code." Yet he uses pen Linux to do his penetration testing.

So laugh all you want, but the reality is this is corporate thinking. And the truth is corporate open source is still going to have a really hard time making strides because this is a BELIEF, even by people that should know better.

Jay Jay
March 22nd, 2008, 10:04 PM
You really have to laugh at some of the pro-Win propaganda. If Windows is so secure then how come it can be hacked within 40 minutes if you go online without a firewall like Zone Alarm?

Ask them, since Windows is such a secure OS, then why isn't there a dedicated firewall version, such as is available in the Linux world with the likes of Smoothwall and Coyote?

I don't blame you for almost bursting out with laughter, I would too... :)

Barrucadu
March 22nd, 2008, 10:11 PM
It's the "you have no idea what is being added to it" bit that I find most funny. Hello? It's open source, I can go and look if I want! Can you do that with Windows Updates? No? By his logic, that makes it less secure, as you have to rely on a little description saying what it is.

This person also has an irritating air of superiority as he is a tester for IE 8. He claimed that "Everyone will love this, whether you use IE6, IE7, FF or Opera".