Difference between revisions of "Open Source Security"

From MgmtWiki
(Created page with "==Full Title or Meme== Open Source Security technically applies to all software where the source code is available. In practice it means software that is developed using o...")
 
(Context)
Line 3: Line 3:
 
==Context==
 
==Context==
 
* A common problem with code that was developed in closed, even secretive, environments was often buggy and of unknown quality.
 
* A common problem with code that was developed in closed, even secretive, environments was often buggy and of unknown quality.
 +
* In fact code like OpenSSL had bugs that persisted for years before they were discovered and patched.
  
 
==Problem==
 
==Problem==
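Review bot: the added bullet in ==Context== opens with "In fact" directly after the bullet about code developed in closed environments, so it reads as an example of that bullet. Say how the OpenSSL case relates to it, add the comma after "In fact", and name or cite the bugs meant so that "bugs that persisted for years" is supported.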

Revision as of 12:44, 12 May 2021

Full Title or Meme

Open Source Security technically applies to all software where the source code is available. In practice it means software that is developed using open source tools.

Context

  • Code that was developed in closed, even secretive, environments was often buggy and of unknown quality.
  • In fact, code like OpenSSL had bugs that persisted for years before they were discovered and patched.

Problem

  • The opposite is closed source software, which is the way that software was originally written.
  • The meaning of Open Source Software is sometimes conflated with Free Open Source Software, which is a common attribution that is not shared by all.
    • For example, the Mil-OSS site claims that "Derivative works – The open source software licenses must allow the distribution of software containing modified source code in the same name as of the original software." Most people consider this to be a feature of Free Open Source Software.

Solution

  • The Open Source web site contains a list of FOSS organizations and claims the meaning of open source to be FOSS.

References