Various sources of open software, often integrated together, provide a major problem for the enforcement of security.
I'd think open software has the advantage of at least being available for expection. For closed software we only have the behaviour of the software to go on. So like Peter T Breuer I'd like to know why you think this is true.
Now I am confused.
Doesn't this paper answer your question? So why did you pose the question on ReseachGate? Am I missing something here?
That is a question that needs to have a better scope definition. As others mentioned, it appears that there is no comparative data to make that judgement.
And then if you define the scope better, you will have to clarify the conditions. For example, if you compare Linux vs. Windows security, many will claim that Windows is by far less secure [and history appears to confirm this claim]. Then based on that, Can I say that open source is more secure? However, a counterargument could be that there is a higher interest (both monetary and in effort) to discover Windows based vulnerabilities.
With a better defined scope you may partially answer that question by quantifying the number of known vulnerabilities for specific open source software vs. their closed-source competitors (i.e. Internet explorer vs. Firefox). That obviously does not include 0-days and it does not answer the question completely, but at least you can have some quantification.
Without that, the answer to your question is just a matter of opinion.
Thanks for your latest two responses. Yes. You are right. I will try to make time to recast my question much more specifically. Sorry for the delay... Unexpected issues on the home front.
- Badges
- Science topic