How Good Is Cisco's Security Planning?

from the as-if-it-were-open-source? dept

In the ongoing (and somewhat silly) debate between open source advocates and proprietary software advocates, both sides like to brag that their method is better for security. Proprietary software advocates point out that by hiding the source code it's much harder for anyone to determine vulnerabilities, and allows the owner of the software to patch them quickly. Open source supporters contend the opposite is true. If the code is open, then everyone knows what's available so the natural security of the program needs to be top notch. If it's not, lots of people can contribute to a fix quickly. Well, that debate has become a bit more interesting now that everyone is scurrying around talking about how Cisco's IOS source code was swiped last week and people are wondering what sort of vulnerabilities will be turned up and exploited. Eric Raymond (whose beliefs supporting open source are well known) makes the very reasonable point that anyone developing proprietary software really ought to design it as if the source were open - in order to deal with exactly these situations. If Cisco had open sourced their IOS in the first place, the argument goes, people wouldn't be worried about vulnerabilities right now. That does leave out the other side of the story, but it is true that anyone developing software believing they can be lax on security because their source code is closed is living in a dream world. Not to say that Cisco's IOS isn't secure - but now lots of people need to worry about it.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.