Study Says Open Source Software a Security Risk 86
chareverie writes "Fortify Software released a study where they concluded that open source software poses a large security risk to corporations who have implemented it. They reason this by stating that the fault lies within the open source communities and their failure to adhere to minimum security practices. Fortify Software studied 11 open source software packages, where the application server Tomcat was determined to be the best. The other 10 were found to have poor results, with those being Derby, Geronimo, Hibernate, Hipergate, JBoss, Jonas, OFBiz, OpenCMS, Resin and Struts. Jacob West, manager of Fortify's research group, reminds that purpose of the study was 'not to condemn open source software, but rather to point out that the security practices need to improve because open source adoption by enterprises and governments is growing.'"
Conflict of interest (Score:5, Funny)
to explain the parent post with quotes : (Score:3, Funny)
Eric S. Raymond discusses the recent Microsoft security debacle in which an engineer inserted a back door in a library that allowed access with the phrase 'Netscape engineers are weenies!' The article notes that 'Apache will *never* have a back door like this one.
http://linuxtoday.com/stories/20234.html [linuxtoday.com]
WTF (Score:3, Funny)
Re:I've only heard of two of those... (Score:1, Funny)
why isn't the app filtering out erronious inputs?
Obviously a PHP programmer - as only one of those could think that should be necessary.
Re:WTF (Score:3, Funny)
Yes, Mr.Strawman, I'm sure they do.
Hmmm... that got me thinking.
Straw man + flamebait = ??? (think of an ultra flamable scarecrow)
Re:Conflict of interest (Score:3, Funny)
Re:What we use (Score:1, Funny)
Not to be inserted into penis [failblog.org]