[PCWorld]

Post your comments for Open Source Security Bugs Uncovered here

[Bruceslog]

Yeah ! Thank You for looking for these flaws, rapidly fixing these flaws, and being honest and open about these flaws ! This is one of open source's biggest strengths, the openness and willingness of each member of the community to pick part and repair it's offerings, for everyones benefit.

[Number3124]

In addition to what Bruceslog said, it would nice to see how priority software would do in the same tests.

[Bruceslog]

I was wondering the same thing myself. My immediate thought was that proprietary software makers tend to keep everything top secret, especially flaws in their code. So we'll likely never know. But, do to the very nature of writing code, I am sure that the number of closed source code flaws are at least equivelent to their open source counterparts, and maybe even more so, since closed source proprietary code does not have the benefit of so many people creating, examining, and improving on it's coding right from the start.

And, as the article mentioned, "Coverity also scans proprietary software, handling about 400 product
lines for private customers, but said its *private clients don't tend to
disclose information about bugs found in their products*." ( I bold texted the part of the quote relating to the discussion. ).

Judging from the many articles I've read about this issue. I firmly believe that secure coding in open source software is at least equal to, if not greater than, proprietary software. And when flaws are found, I believe open source stuff gets fixed faster than proprietary software code does.

I am also sure that if Bill Gates knew otherwise, we'd all hear him beating the drums ! :)