Is Open Source Wide Open? Not So Fast

Tuesday, 26 November 2002, 3:05 PM EST

According to Aberdeen Group, the Computer Emergency Response Team, which is based at Carnegie Mellon University, has determined that various forms of open source software -- including Linux -- have grabbed the title of biggest security Relevant Products/Services from IBM risk, edging out Microsoft.

Apparently, 16 of the 29 security advisories issued by CERT during the first 10 months of this year were for Linux or open source software. Six were issued for Microsoft. Let's ponder this for a moment.

These advisories represent only a small subset of all vulnerabilities -- those that are issued for the most serious problems -- and many of them involve open source software that is not necessarily part of the core Linux OS.

One potential explanation for the increase in the number of open source vulnerabilities is that such products' growing popularity creates a bigger target for attackers.

In fact, this has become a major selling point for Apple Latest News about Apple computers -- and a boast I hear frequently whenever I write about cyber security.

Now that many of the major computer manufacturers have chosen Linux over Windows as the operating system for their servers, I guess it was only natural for them to become targets.

According to Aberdeen, advisories about Trojan horses and viruses affecting Linux and other open source software (including Unix) increased from one in 2001 to two this year, while Microsoft went from six such advisories to none.

[ Read more ]


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th