[FSF India] Security concern for Free Software.

Khuzaima A. Lakdawala fsf-india@gnu.org.in
11 Aug 2001 20:26:08 +0530


"Arun Kumar.D" <arun_k_d@yahoo.com> writes:

> Hi, when the source code is distributed along with software,
> anyone can examine it. But if there are any security holes in it,
> won't they be exploited by crackers? Won't this issue make free
> software insecure for the common user?

On the contrary. Because of its very nature, Free Software gets
subjected to a process of Peer Review far more robust than that for
Proprietary Software. You see, because "anyone can examine" the source
code, possible security holes in Free Software are detected and fixed
far earlier, quicker and sooner than in Proprietary Software.

Besides, looking at the source is not the only way of detecting
security holes. Unless you have been hibernating for quite some time,
you must be familiar with the recent and not-so-recent news reports of
the numerous security holes detected in the products of a particularly
notorious Proprietary Software company. The source code of these
compromised products is not available and still the detection of
security holes (by third parties) in these products has become a
matter of routine.

In addition, when a security hole is detected in any Free Software, it
invariably gets fixed immediately, by anyone. Whereas, for a
Proprietary Software program to be fixed, you are at the complete
mercy of the program's manufacturer to fix it. In fact, if the hole in
question is detected internally within the Proprietary Software
company, they may not even bother to fix it unless the hole gets
exploited!

For more on the security risks of using Proprietary Software, please
see:

http://www.complete.org/fs/fsethics/html/node9.html


-- 
Khuzaima A. Lakdawala