[Gllug] p2p programs

Simon Morris mozrat at gmail.com
Mon Nov 14 13:44:15 UTC 2005


On 14/11/05, Andrew Farnsworth <farnsaw at stonedoor.com> wrote:
> On Mon, 14 Nov 2005 11:51 , Simon Morris <mozrat at gmail.com> sent:

> >
> >My point was you can't rubbish software from a vendor just on the
> >basis that you don't have the source code.
> >
> >Having the source code doesn't automatically mean secure applications.
>
> While this is true, I have to say that I feel that Open Source software is more secure for three basic reasons.

[Snip 3 reasons]

> Having your source code exposed to the thousands, nay millions, of developers in the world makes one very conscious of the actual code they are producing.  This is the reason that many companies have code review sessions on a regular basis.  When a programmer knows they are going to be showing off their code to their colleagues and peers they will take extra care to have it looking good and working well.
>
> Andy Farnsworth

Andy,

I agree with all of the above. Perhaps my response to Shakthi's answer
to "it must be insecure if you can't read the source code" should have
been

"You can't claim it is insecure just because you cannot read the source"


--
~sm
Jabber: mozrat at gmail.com
www: http://beerandspeech.org