July 30, 2009 By Hilton Collins
When you buy software, you probably trust that you're getting a secure product that runs well. This faith may come from the fact that the source code - the digital DNA that tells the program how to work and what to do - is hidden from consumers. In most cases, only the select programmers tasked with maintenance and security can see it and make changes.
Closed or proprietary code is the engine of legions of vendor-made products. Many of them, like Microsoft's nearly ubiquitous Windows software, are closed code to prevent piracy and duplication by competitors or users. And for some license owners, the perceived benefit of closed code is that if no one sees it, those who intend to do harm can't see the software's vulnerabilities easily and how to exploit them.
The prevalence of open source code, however, could make one wonder how much secret code matters. The term "open source" generally refers to programs in which people can view or modify the programming code. Open code is developed in a collaborative environment where programmers can make changes that are visible for the community to see. People can download many of these programs free of charge and can choose to join the development process by making modifications or viewing changes as they see fit.
But does this openness make it less secure than its closed source brethren? Open source advocates certainly don't think so.
"You know exactly what needs to be done to secure it and what vulnerability it has. It's quantifiable; it's knowable," said Christopher Adelman, vice president of sales and marketing for Alien Vault. Alien Vault created OSSIM (Open Source Security Information Management). "The problem with closed source solutions is there's a certain leap of faith associated with closed source software."
You may use or reference this story with attribution and a link to