How Good Is Cisco's Security Planning?

from the as-if-it-were-open-source? dept

In the ongoing (and somewhat silly) debate between open source advocates and proprietary software advocates, both sides like to brag that their method is better for security. Proprietary software advocates point out that by hiding the source code it's much harder for anyone to determine vulnerabilities, and allows the owner of the software to patch them quickly. Open source supporters contend the opposite is true. If the code is open, then everyone knows what's available so the natural security of the program needs to be top notch. If it's not, lots of people can contribute to a fix quickly. Well, that debate has become a bit more interesting now that everyone is scurrying around talking about how Cisco's IOS source code was swiped last week and people are wondering what sort of vulnerabilities will be turned up and exploited. Eric Raymond (whose beliefs supporting open source are well known) makes the very reasonable point that anyone developing proprietary software really ought to design it as if the source were open - in order to deal with exactly these situations. If Cisco had open sourced their IOS in the first place, the argument goes, people wouldn't be worried about vulnerabilities right now. That does leave out the other side of the story, but it is true that anyone developing software believing they can be lax on security because their source code is closed is living in a dream world. Not to say that Cisco's IOS isn't secure - but now lots of people need to worry about it.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.