There are some people won’t touch anything to do with open source projects as they feel it might have issues with security. What does open source actually do for security or change how it works?

  • @[email protected]
    link
    fedilink
    21 year ago

    To be honest I’m a FOSS advocate, but when I recommend software I absolutely mention that getting devs (capable of fixing that software) in a SLA for critical bugs is what the absolutely should do, or accept the security risk or operational risk of insecure software.

    • @[email protected]
      link
      fedilink
      11 year ago

      This risk extends even more to non-foss software though as organic fixes can’t happen and the company that owns it HAS to fix it for you. Not all purchase agreements say they have to do this, and again it is our organizations that bare the risk then.