The security of open source software

Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

A conversation with a client this morning revolved around software development tool alternatives in an environment of Web Socket.
Why not use Flash on the client and AMF on the server side?, the client asked. I hesitated for a moment and answered – because Adobe is proprietary and closed source and the only developers looking at the code are Adobe employees. If you’ve ever gotten a white screen of death and a cryptic #1707 upload failed message – you know what I mean. Everything else – the security vulnerabilities of Flash, the cost of development, the support costs, all derive from the closed-source proprietary software.

In 2011, there seems to be more awareness that Open Source software is more secure and more reliable. In reality, the most secure systems available today are based on the open source model and peer review. There is absolutely no question that the secret to creating great software that is also secure software is by marshaling as many smart people as possible to the task.

Natalie Walker-Whitlock wrote an excellent article – The security implications of open source software almost 10 years ago and it’s still an excellent read.

Traditionally, software security was equated with secrecy. You lock up your house, your car and your valuables. In the software community, you “lock up” the programming source code as a means of securing it against hackers and competitors.

To the closed source camp, a system can’t be truly secure when its source is open for all to read. This is patently a very bad idea since with good guys and bad guys all looking at a supposedly secure system, disclosing the source discloses software defects and by remedying defects, the software becomes more reliable. More reliable software slows up intruders and reduces the attack surface and, in the event of a data breach, keeps damages due to data loss at a minimum.

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply