US military reportedly acts against ransomware groups The cost of flying internationally Spider-Man: Across the Spider-Verse trailer Omicron vs. delta Free COVID at-home test kits Cyber Week deals

Security from A to Z: Open source

Experts have issued warnings of complacency over security in open-source projects. Part of a series on hot security topics.

Whether open-source software and closed-source software differ in terms of security will always be debated. But what's clear is that vulnerabilities are found and exploited in both.

Speaking at London's LinuxWorld conference in October, Alan Cox, a respected figure in the U.K. open-source community, warned about complacency over the security of open-source projects.

Microsoft, leader of the closed-source world, makes more headlines than any other software maker when it comes to security. But that's because the company's products are used by nearly all PC users, not because Microsoft software has more vulnerabilities.

More attention is being paid to security of open-source software. The U.S. Department of Homeland Security even awarded a $1.24 million grant to Stanford University, Coverity and Symantec to hunt for security bugs in popular open-source programs.

Developers have been quick to fix many bugs found as part of the U.S. government-sponsored program. More than 900 flaws were repaired in the two weeks after Coverity announced the results of its first scan of 32 open-source projects, which include the Linux operating system, Apache Web server, MySQL database and Firefox Web browser.