CNET también está disponible en español.

Ir a español

Don't show this again

Biden wants Fauci as chief medical adviser: report Watch Arecibo Observatory collapse Stimulus package status Cyberpunk 2077 Another monolith PS5 inventory Spotify Wrapped 2020

Security from A to Z: Open source

Experts have issued warnings of complacency over security in open-source projects. Part of a series on hot security topics.

Whether open-source software and closed-source software differ in terms of security will always be debated. But what's clear is that vulnerabilities are found and exploited in both.

Speaking at London's LinuxWorld conference in October, Alan Cox, a respected figure in the U.K. open-source community, warned about complacency over the security of open-source projects.

Microsoft, leader of the closed-source world, makes more headlines than any other software maker when it comes to security. But that's because the company's products are used by nearly all PC users, not because Microsoft software has more vulnerabilities.

More attention is being paid to security of open-source software. The U.S. Department of Homeland Security even awarded a $1.24 million grant to Stanford University, Coverity and Symantec to hunt for security bugs in popular open-source programs.

Developers have been quick to fix many bugs found as part of the U.S. government-sponsored program. More than 900 flaws were repaired in the two weeks after Coverity announced the results of its first scan of 32 open-source projects, which include the Linux operating system, Apache Web server, MySQL database and Firefox Web browser.