Security Bites podcast

Read all 'Roger Thornton' posts in Security Bites podcast
July 25, 2008 2:01 PM PDT

Security Bites 109: Open-source security

by Robert Vamosi
  • 1 comment

For years, one of the arguments for using open-source software instead of proprietary software held that open source was more secure. After all, having thousands of eyes looking at the code can't but help find and mitigate potentially dangerous bugs. A new report from Fortify challenges that assertion.

Open-source software can be found in over half of the enterprises today. And open source code can be found within the Mac OS 10 operating system. But how are open source vulnerabilities and, more importantly, their patches handled?

This week a report from Fortify found that, while vulnerabilities exist and are reported within the open-source community, not every open-source project had a clearly defined contact or security alias. Nor was it clear what the process would be for issuing a patch, or how the projects conduct their own vulnerability assessments. The report looked at several known open-source projects such as JBoss and Tomcat.

CNET's Robert Vamosi spoke by phone with Roger Thornton, CTO at Fortify about the report and its findings.


Listen now: Download today's podcast

Topics:
Podcasts,
Security
Tags:
security,
Security Bites,
Roger Thornton,
Fortify,
open source,
vulnerabilities
Share:
Digg
Del.icio.us
Reddit
  • prev
  • 1
  • next
Subscribe to the Security Bites podcast

Subscribe to this podcast using an RSS reader other than iTunes

Subscribe to this podcast using iTunes

advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Security Bites podcast

Backdoors, pharming, botnets, phishing, rootkits, viruses, worms. Feeling vulnerable? Every Friday, CNET.com's Robert Vamosi will tell you about the latest security threats, what's coming, and how to protect your system.



View all Security Bites podcast episode blog entries

Add this feed to your online news reader

Security Bites podcast topics

Related links
Robert's Defense in Depth blog
CNET's Security Center
Security news
Security blogs
Spyware, viruses, & security forum
Top security and spyware downloads
Other CNET podcasts
Meet the host of Security Bites
Robert Vamosi Robert Vamosi has appeared on CNN, NBC, ABC, MSNBC, and various other media outlets as an expert on computer viruses, spyware, identity theft, phishing, and other criminal activities on the Internet.

Most Discussed

advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET