Security and Free Software
Bernhard Reiter
bernhard at intevation.de
Fri Sep 17 08:08:30 UTC 2004
Occasionally the question arises:
Is Free Software more secure?
And what statement can be made about this, e.g. by the FSFE.
My answer to this is:
Free Software has a higher chance of being secure.
Of course I wouldn't post this to a discussion list
if this was completely clear to everybody.
Unfortunately the relation of freedom to security is complicated.
There are already quite a few texts and papers about it.
Maybe we need to find the best which can be used as references
to give to journalist and other interested people.
To support my statement I usually look at David Wheeler's work first.
http://www.dwheeler.com/oss_fs_why.html#conclusions
OSS/FS software often has far better security [1],
perhaps due to the possibility of worldwide review.
[1] http://www.dwheeler.com/oss_fs_why.html#security
Again, it is not true that proprietary programs are
always more secure, or that OSS/FS is always more secure, because
there are many factors at work. For example, a well-configured and
well-maintained system, of any kind, will almost always be far more
secure than a poorly configured and unmaintained system of any kind.
For a longer description of these issues, see my discussion on open
source and security [2] (part of my book on writing secure software).
However, from these figures, it appears that OSS/FS systems are in
many cases better - not just equal - in their resistance to attacks
as compared to proprietary software.
[2] http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html
(Wheeler in this book uses "open source" for Free Software.)
2.4.1. View of Various Experts
2.4.6. Bottom Line
Just making a program open source doesn't suddenly make a
program secure, and just because a program is open source does not
guarantee security:
First, people have to actually review the code. This is one
of the key points of debate - will people really review code
Second, at least some of the people developing and reviewing
the code must know how to write secure programs.
Third, once found, these problems need to be fixed quickly
and their fixes distributed. Open source systems tend to fix the
problems quickly, but the distribution is not always smooth.
Another advantage of open source is that, if you find a
problem, you can fix it immediately. This really doesn't have any
counterpart in closed source.
In short, the effect on security of open source software is still a
major debate in the security community, though a large number of
prominent experts believe that it has great potential to be more
secure.
Another interesting source stressing active peer preview
is within Chapter 4 and Chapter 5 of Peter Gutmann's book:
Cryptographic Security Architecure
It is the book that stems from his thetis.
He has put a few chapters online at:
http://www.cs.auckland.ac.nz/~pgut001/pubs/thesis.html
Especially interesting for this question are:
Chapter 4: Verification Techniques
where he criticises a lot of believes about
how to build secure systems and verify them
Chapter 5: Verification of the cryptlib kernel
where he explains his approach and the interesting
part is 5.1.1 "Peer Review as an Evalution Mechanism"
and the cited literature there
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20040917/4021ce28/attachment.sig>
More information about the Discussion
mailing list