In 2014 the open source community faced more security challenges than it has at any other point in recent memory. The Heartbleed vulnerability in the OpenSSL project and Shellshock in the Bash shell undermined the confidence many had in a core premise of the open source movement.
Jim Zemlin, executive director of the Linux Foundation, addressed the issue head-on during last week’s Linux Collaboration Summit.
“In open source, we put our laundry out to air in the front yard,” Zemlin said.
Zemlin quoted the oft-repeated Linus’ law, which states that given enough eyes, all bugs are shallow. That “law” essentially promises that many eyes provide a measure of quality, control and security to open source code. So if Linus’ law is true, Zemlin asked, why are damaging security issues being found now in open source code?
Source: eSecurity Planet