Saturday, September 27, 2014

Stallman: closed software contains deliberate backdoors – Security.nl

Although free and open source software may contain vulnerabilities that go undetected for a long time, it offers users more protection than proprietary software, to which deliberate backdoors are added, says Richard Stallman, founder of the GNU Project.

He was speaking to the Guardian about the recently discovered Bash vulnerability. According to Stallman, the vulnerability will in the long run be just a “dot”. “It will be one of the thousands of bugs that people abuse. However, if users control the program they can add features and fix bugs.” According to Stallman, any program can contain bugs. “However, a closed program will probably contain bugs and intentional malicious functionality.”

Earlier, security expert Robert Graham said that the series of vulnerabilities in popular open source software indicates that very few people actually look at the source code. Graham is supported by Professor Alan Woodward, a security expert in the computer science department of the University of Surrey. “Open source fans say this is the best approach, because everyone can see the code. Unfortunately, that does not happen, and in addition a lot of old code is written in opaque languages such as C, not to mention that it is not structured properly.”

According to Woodward, it’s like taking apart 25-year-old spaghetti, so it is no surprise that the code of this type of program is not checked often. Vulnerabilities of this type, such as those in Bash and OpenSSL, are therefore found only when someone notices a certain effect, not because the code has been gone through. Woodward warns that this problem should be solved, otherwise more old problems of this kind will come to the surface.
