Security and Free Software

Bernhard Reiter bernhard at intevation.de
Fri Sep 17 08:08:30 UTC 2004


Occasionally the question arises: 
		
	Is Free Software more secure?

And what statement can be made about this, e.g. by the FSFE.
My answer to this is:
	
	Free Software has a higher chance of being secure.

Of course I wouldn't post this to a discussion list
if this was completely clear to everybody. 
Unfortunately the relation of freedom to security is complicated.
There are already quite a few texts and papers about it.
Maybe we need to find the best which can be used as references
to give to journalist and other interested people.

To support my statement I usually look at David Wheeler's work first.

	http://www.dwheeler.com/oss_fs_why.html#conclusions

		OSS/FS software often has far better security [1],
		perhaps due to the possibility of worldwide review.

	[1] http://www.dwheeler.com/oss_fs_why.html#security

	Again, it is not true that proprietary programs are
	always more secure, or that OSS/FS is always more secure, because
	there are many factors at work. For example, a well-configured and
	well-maintained system, of any kind, will almost always be far more
	secure than a poorly configured and unmaintained system of any kind.
	For a longer description of these issues, see my discussion on open
	source and security [2] (part of my book on writing secure software).
	However, from these figures, it appears that OSS/FS systems are in
	many cases better - not just equal - in their resistance to attacks
	as compared to proprietary software.

	[2] http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html

(Wheeler in this book uses "open source" for Free Software.)

	2.4.1. View of Various Experts

	2.4.6. Bottom Line

	Just making a program open source doesn't suddenly make a
	program secure, and just because a program is open source does not
	guarantee security:

	First, people have to actually review the code. This is one
	of the key points of debate - will people really review code
	
	Second, at least some of the people developing and reviewing
	the code must know how to write secure programs. 

	Third, once found, these problems need to be fixed quickly
	and their fixes distributed. Open source systems tend to fix the
	problems quickly, but the distribution is not always smooth.
	
	Another advantage of open source is that, if you find a
	problem, you can fix it immediately. This really doesn't have any
	counterpart in closed source.

	In short, the effect on security of open source software is still a
	major debate in the security community, though a large number of
	prominent experts believe that it has great potential to be more
	secure.

Another interesting source stressing active peer preview
is within Chapter 4 and Chapter 5 of Peter Gutmann's book:
	Cryptographic Security Architecure

It is the book that stems from his thetis.
He has put a few chapters online at:
	http://www.cs.auckland.ac.nz/~pgut001/pubs/thesis.html

	Especially interesting for this question are:
		Chapter 4: Verification Techniques
			where he criticises a lot of believes about 	
			how to build secure systems and verify them
		Chapter 5: Verification of the cryptlib kernel
			where he explains his approach and the interesting
			part is 5.1.1 "Peer Review as an Evalution Mechanism"
			and the cited literature there

Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20040917/4021ce28/attachment.sig>


More information about the Discussion mailing list