Have Heartbleed and Shellshock changed your attitude to open source security?

Linus’s Law states: “given enough eyeballs, all bugs are shallow”. In other words, when many people can look at source code, bugs and security holes should be discovered quickly. This is one of the benefits of open source and free software – at least, it’s one that many of us talk about.

But after two major FOSS vulnerabilities in recent months, Heartbleed and Shellshock, can we keep advocating open source in this way? Do you look at FOSS in a different light now? Or is the real problem that, despite being open source projects, very few people were actively working on OpenSSL and Bash?

Let us know your thoughts, and we’ll read out the best comments in our upcoming podcast – to be recorded at OggCamp this weekend!

24 Comments

Leave a Reply to Daniel Cancel reply

Your email address will not be published. Required fields are marked *