Myth or Fact: Is Open Source Software More Secure than Closed Source Software?

This paper examines one aspect of quality that organizations look for when selecting software, namely security. Studies over time have indicated that security; scalability, interoperability and flexibility are important however the major issue has always been support. This has led to the sometimes inflexible concept of Standard Operating Environments (SOEs) within organisations. Whilst SOEs provide many benefits to an organisation they can leave them vulnerable to several large security risks. CERT statistics show that security incidents have increased six fold since 2000 [1]. This paper will examine trends in both open and closed software development for a number of platforms that may be reducing the overall security of software. Whilst SOEs provide a larger target for security vulnerabilities and the heterogeneity of Open Source products may provide a less tempting target recent trends indicate that open source software may be becoming as vulnerable as the better known closed software products.