Open-source Security Software Security for Open-source Systems
Not registered
Abstract
Some people have claimed that open-source software is intrinsically more secure than closed source, [1] and others have claimed that it's not. [2] Neither case is absolutely true: they are essentially flip sides of the same coin. Open source gives both attackers and defenders greater analytic power to do something about software vulnerabilities. If the defender does nothing about security, though, open source just gives that advantage away to the attacker. However, open source also offers great advantages to the defender, giving access to security techniques that are normally infeasible with closed-source software. Closed source forces users to accept the level of security diligence that the vendor chooses to provide, whereas open source lets users (or other collectives of people) raise the bar on security as high as they want to push it.

This article surveys security enhancements that take advantage of the nature of open-source software. We'll concentrate on software security (mitigation of vulnerabilities in software), not network security (which is dealt with in terms of line protocols and is thus unaffected by whether other network components are open source). All the solutions that we'll consider apply to open-source systems, but they may not be entirely open source themselves.

Software security is fundamentally simple: just run perfect software. Because perfect software is infeasible for non-trivial systems, we must find other means to ascertain that large, complex, probably vulnerable software does what it should do and nothing else.
We classify methods that ensure and enforce the "nothing else" part into three broad categories:
• Software auditing, which prevents vulnerabilities by searching for them ahead of time, with or without automatic analysis
• Vulnerability mitigation, which are compile-time techniques that stop bugs at runtime
• Behavior management, which are operating system features that either limit potential damage or block specific behaviors known to be dangerous

Software auditing
The least damaging software vulnerability is the one that never happens. Thus, it is optimal if we can prevent vulnerabilities by auditing software for flaws from the start. Similarly, it is near optimal to audit existing applications for flaws and remove them before attackers discover and exploit them. Open source is ideal in this capacity, because it enables anyone to audit the source code at will and productively share the results of such audits with the world. The problem with this approach is that auditing source code for correctness, or even …
Similar resources
Security Concerns in Using Open Source Software for Enterprise Requirements
Information security is the biggest challenge for network and security administrators. The security of a given network highly depends on the software used and the administrative practices followed for operating systems, perimeter security, antivirus protection, intrusion detection, software development, systems and network monitoring, corporate mail, office productivity and so on. The rapid growt...
Designing Secure Systems Based on Open Architectures with Open Source and Closed Source Components
The development and evolution of secure open architecture systems has received insufficient consideration. Such systems are composed of both open source and closed software components subject to different security requirements in an architecture in which evolution can occur by evolving existing components, replacing them, or refactoring their interfaces, interconnections and configurat...
Open Source Security Analysis - Evaluating Security of Open Source vs. Closed Source Operating Systems
Open source software is becoming a major trend in the software industry. Operating systems (OS), Internet servers and several other software applications are available under these licensing conditions. This article assesses the security of open source technology, namely the Linux OS. Since a growing number of critical enterprise information systems are starting to use Linux OS, this evaluation c...
An Empirical Analysis of Exploitation Attempts Based on Vulnerabilities in Open Source Software
For open source software, security attention frequently focuses on the discovery of vulnerabilities prior to release. The large number of diverse people who view the source code may find vulnerabilities before the software product is released. Therefore, open source software has the potential to be more secure than closed source software. Unfortunately, for vulnerabilities found after release, t...
The Open Source approach opportunities and limitations with respect to security and privacy
Today's software often does not even fulfil basic security or privacy requirements. Some people regard the open source paradigm as the solution to this problem. First, we carefully explain the security and privacy aspects of open source, which in particular offer the possibility for a dramatic increase in trustworthiness for and autonomy of the user. We show which expectations for an improvemen...
Journal title:
Volume, issue
Pages -
Publication date: 2003