Is building an OS on an open source core safe?

B

boyfarrell

Registered
Hello everybody,

Was just thinking about Darwin. Doesn't having the source code make it easy to hack? Why did apple go this route when developing OSX? I remember when some of the windows source was leaked a fer years ago ...

Daniel.
 
If that were the case, Linux would be a complete mess, as would the BSDs. However, they manage to stay quite robust and secure (for the most part) compared to most proprietary software. You see Linux and BSDs being used for server as well as critical application use. Major companies are backing Linux and other open source operating systems on various platforms as alternatives to proprietary UNIX and Windows operating systems.

So no, I don't see how having the source open would make it a security risk, unless you believe the FUD dished out by SCO and Microsoft. :rolleyes: Open source allows you to have access to the entire source code, meaning that if someone tried to inject something maliscious into the code, developers around the world would have picked it up and reported it (this has already happened and was caught before making it into a particular release of the Linux kernel). It's all about accountability, which is something you won't find in proprietary operating systems.
 
The conventional wisdom that it is actually more secure because it is built on an open source foundation. There are more eyes looking for security flaws and there is no way to hide them. The big problem with the window's source is because it was not subject to the same level of scrutiny there are many security flaws that were not fixed or even identified because it was unlikely that any users would have known about them. This "security through obscurity" fails catastrophically when the obscurity goes away.

In the long run the added attention paid to open code in this situation makes things much more secure.
 
I see...

I thought that if you had the knowledge of how something works it would be easier to write a virus for it. I don't mean putting actual code in the kernal to allowing hacking.

Then again I'm not much of a programmer so may be I don't understand the situation.
 
There are two main features of any virus: some sort of way it can run, and some sort of way it can propagate itself.

Windows operates on the basis that everything runs at user-level (which, by default, is root). OS X, and other open-source OSes don't. Therefore, getting a virus to run is child's play on Windows, because you can just latch on to any other file or application.

Propagation needs flaws in the OS (or stupid people). Stupid people aren't protected on either platform, and flaws in the OS tend to be caught by the developers quicker than they are exploited by viruses and what not.
 
You must log in or register to reply here.
Back
Top