Is Open Source Wide Open? Not So Fast

Tuesday, 26 November 2002, 3:05 PM EST

According to Aberdeen Group, the Computer Emergency Response Team, which is based at Carnegie Mellon University, has determined that various forms of open source software -- including Linux -- have grabbed the title of biggest security Relevant Products/Services from IBM risk, edging out Microsoft.

Apparently, 16 of the 29 security advisories issued by CERT during the first 10 months of this year were for Linux or open source software. Six were issued for Microsoft. Let's ponder this for a moment.

These advisories represent only a small subset of all vulnerabilities -- those that are issued for the most serious problems -- and many of them involve open source software that is not necessarily part of the core Linux OS.

One potential explanation for the increase in the number of open source vulnerabilities is that such products' growing popularity creates a bigger target for attackers.

In fact, this has become a major selling point for Apple Latest News about Apple computers -- and a boast I hear frequently whenever I write about cyber security.

Now that many of the major computer manufacturers have chosen Linux over Windows as the operating system for their servers, I guess it was only natural for them to become targets.

According to Aberdeen, advisories about Trojan horses and viruses affecting Linux and other open source software (including Unix) increased from one in 2001 to two this year, while Microsoft went from six such advisories to none.

[ Read more ]




Spotlight

Behavioral analysis and information security

Posted on 22 September 2014.  |  In this interview, Kevin Watkins, Chief Architect at Appthority, talks about the benefits of using behavioral analysis in information security and how behavioral analysis can influence the evolution of security technologies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //