Study Says Open Source Software a Security Risk

Study Says Open Source Software a Security Risk 86

Posted by CmdrTaco on Monday July 21, 2008 @06:18PM from the sky-is-falling dept.

chareverie writes "Fortify Software released a study where they concluded that open source software poses a large security risk to corporations who have implemented it. They reason this by stating that the fault lies within the open source communities and their failure to adhere to minimum security practices. Fortify Software studied 11 open source software packages, where the application server Tomcat was determined to be the best. The other 10 were found to have poor results, with those being Derby, Geronimo, Hibernate, Hipergate, JBoss, Jonas, OFBiz, OpenCMS, Resin and Struts. Jacob West, manager of Fortify's research group, reminds that purpose of the study was 'not to condemn open source software, but rather to point out that the security practices need to improve because open source adoption by enterprises and governments is growing.'"

Study Says Open Source Software a Security Risk

This discussion has been archived. No new comments can be posted.

Search 86 Comments Log In/Create an Account

Comments Filter:

Conflict of interest (Score:5, Funny)

by 14erCleaner ( 745600 ) writes: <FourteenerCleaner@yahoo.com> on Monday July 21, 2008 @06:29PM (#24281351) Homepage Journal

Since Fortify is a security firm, it's obviously in their best interest to have everybody using 100% Microsoft products.

to explain the parent post with quotes : (Score:3, Funny)

by unity100 ( 970058 ) writes: on Monday July 21, 2008 @06:50PM (#24281579) Homepage Journal

Eric S. Raymond discusses the recent Microsoft security debacle in which an engineer inserted a back door in a library that allowed access with the phrase 'Netscape engineers are weenies!' The article notes that 'Apache will *never* have a back door like this one.

http://linuxtoday.com/stories/20234.html [linuxtoday.com]

WTF (Score:3, Funny)

by imaniack ( 638051 ) writes: on Monday July 21, 2008 @06:53PM (#24281623)

Don't they know OSS is PERFECT in every possible and imaginary way!!!! :)

Re:I've only heard of two of those... (Score:1, Funny)

by Anonymous Coward writes: on Monday July 21, 2008 @07:06PM (#24281781)

why isn't the app filtering out erronious inputs?

Obviously a PHP programmer - as only one of those could think that should be necessary.

Re:WTF (Score:3, Funny)

by Spy der Mann ( 805235 ) writes: <`moc.liamg' `ta' `todhsals.nnamredyps'> on Monday July 21, 2008 @07:58PM (#24282285) Homepage Journal

Yes, Mr.Strawman, I'm sure they do.
Hmmm... that got me thinking.
Straw man + flamebait = ??? (think of an ultra flamable scarecrow)

Re:Conflict of interest (Score:3, Funny)

by smittyoneeach ( 243267 ) * writes: on Monday July 21, 2008 @08:58PM (#24282901) Homepage Journal

Nonsense: GGP is properly spelled, employs a complete sentence, and proper punctuation. Modding it 'Funny' would be inconceivable.

Re:What we use (Score:1, Funny)

by Anonymous Coward writes: on Tuesday July 22, 2008 @02:42AM (#24285407)

as much support as support is needed for a screwdriver
Not to be inserted into penis [failblog.org]

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Study Says Open Source Software a Security Risk 86

Study Says Open Source Software a Security Risk More Login

Study Says Open Source Software a Security Risk

Conflict of interest (Score:5, Funny)

to explain the parent post with quotes : (Score:3, Funny)

WTF (Score:3, Funny)

Re:I've only heard of two of those... (Score:1, Funny)

Re:WTF (Score:3, Funny)

Re:Conflict of interest (Score:3, Funny)

Re:What we use (Score:1, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot