While thinking on the subject of operating systems, I wondered which actually was more secure: a proprietary OS, or an open-source OS. Both have some things going for them: open-source software potentially has thousands of programmers working on it constantly to improve it, while proprietary software's source code is kept secret, so potential hackers don't know the exact workings of it. Please, no flaming! Oh no, too late!

*Ducks and covers*

I vote equal, because it seems to me that while open source might be more secure, this is overridden by the lack of source code otherwise. Also, the reason it appears open source OS's are more secure is because less people use them.

I would vote for "They're both roughly equal in security." since both have their advantages (you don't know the code vs. faster fixing). A really good proprietary software developer could be the best, if enough good people work for it. That'd be the contrary of Microsoft ... and that option was so tempting, I had to vote for it! =) But one cannot say all proprietary software is bad only because of MS.

Oh and... Half Life 2's "open source" doesn't make it more secure (I hope they have changed enough in their code...)

...the ~69% of web servers out there running Apache, an open source web server, invalidates that statement...

I think Open Source is more secure, but Apache doesn't invalidate his statement.

1) Apache is not an OS.
2) Apache can be run on non-open source operating systems, although I have no doubt that many servers running Apache are Linux.
3) 69% of servers != most users.

I'm surprised... Normally, within an hour of posting such a polarized topic, that this threat would have been spammed with over 20 different posts, most of which could be summed up as "Ms suxbad kthx by" or "linuks usrs are evl kthx by". Of course, please don't bother to try to correct my spelling for those two; I never actually use that language...

I didn't vote, because I am not qualified to answer, and I doubt any of you are either. (then again, I could be wrong... some of you run servers)

Hey, I run servers, and I'm nowhere near qualified to answer.

Still voted, though.

Why doesn't anyone make check boxes in polls anymore so I could point out how stupid they are? It was my only reason to live...:(

You might have better luck if you look for the stupider people.

First option: Dissassembling is possible. Not easy but possible. And there are many ways to hack a program. Most security flaws are found by accident.

Second option: If by what you mean security you mean protection against malicious things (hacking, virus, etc.), then I wouldn't say OSS is NOT secure. Any hacker can view the source of the program and find ways to exploit. If the security feature of the program were closed source, then that would bring security. Although I do not know if that will be permitted under most OS licenses.

Third option: I wouldn't say equal...I wish I thought about this more before clicking buttons.

Fourth option: ePenisSize++; That's all I have to say about this.

http://www.doigtsagiles.com/epenis

I vote open-source. I don't care if less people open-source OS'es. If that means less people hack them, then obviously they are more secure to use, although not necessarily by construction. When was the last time you had to unplug your broadband connection to install Linux?

You can secure both open source and proprietary OSs (yes, even Windows) and you can leave them with all security flaws you want (or don't want). It depends on the administrator.

What brings the most security to OS-software is that you can actually review the code before using it. So that you will know what the OS is doing.

If I had a bank I would only use my own software or software that I have reviewed.

And software should written so that there is no chance of exploiting the code. And if there is a security flaw there are more people to find and repair it.

The argument that Windows is a larger target, therefore has more people trying to crack it, and that if Linux had as many people trying to crack it then it would be as full as holes as Windows is missing the point.
Windows has more vulnerabilities that crackers are actively explointing right now than Linux.

Windows is designed in such a way that many portions of the OS interact with each other. This has two major consequences for patching: the patch is more complex to produce, and it must be tested more extensively to ensure it doesn't break other things. And even then, patches produced by Microsoft have broken other things in the past.
Windows is designed in such a way that producing patches for vulnerabilities takes longer and is more likely to break other portions of the OS when applied.

Windows has evolved from an OS that took a very simplistic view (if you're arguing that it took any view at all) of security. It was designed as a single-user OS with no networking. Security has had to be "bolted-on" retrospectively. Unix (from which Linux derives some of its main design features) was designed from the start as a multi-user OS, and had a security framework in place to protect users from each other. With this framework it was easy to implement other, more advanced security features.


As to Open v Closed Source:
I personally believe that Open Source, in general is more likely to produce code that is free from buffer over-run vulnerabilities, and other basic coding errors that lead exploits for programs and OSes. I think this because when the whole world can see what you're producing, you tend to be a lot more careful - any flaws in the code reflect poorly on you personally.
That's at the low level though. The real problems lie in the system design, as that is where the true exploits occur. It doesn't matter if your front door lock is manufactured to the highest quality if someone can break into your house through a skylight (okay, poor analogy, but hopefully you're following me).
At this level, I don't really know what difference Open vs Closed makes. I think it comes down more to if the design of the system is guided through by a group of people that totally understand the problem, the environment and the entirety of the system. That isn't something Open Source can help with as much. That's project management.

Overall, I think that it's not that Open Source is a better model for producing software, I believe it's more because Open Source allows the bad programs to be recognised as such, and for the projects to die. It's a bit like the concept of Natural Selection: a well written project that fulfills a specific need will gain interest and popularity at the expense f projects that either aren't well written/designed or that exist for little to no purpose. And also, when a project reaches a point where the problem doesn't exist or has changed, the project must either adapt to the changed nature of the problem, or it will lose interest and popularity, until it dwindles to perhaps a lone programmer tinkering away at it. Meanwhile other projects will have taken the resources (Open source developers) freed up by the 'death' of the other project.

With Closed source it doesn't matter so much if the product is any good or if it is really needed/wanted. Inevitably, since it is a commercial venture, it will come down to marketing. Success in these terms is defined by how many units you can ship, and that is directly affected by marketing - Microsoft is a great example of this.


Hopefully there's some meat in this post for both sides of the debate to chew over. I'm not an extreme on either side of the Open v Closed source issue. I truly believe there is a market for both models. However, I am quite passionate about open STANDARDS. I also subscribe to the notion of FREE software in the true sense of the phrase: FREE as in FREEdom, not zero price.