Is Open Source More Secure?

Are Linux and other open source software vulnerable to malware?
In this video, cybersecurity expert Jeff Crume explores the consideration of open source security to explain how vulnerabilities are discovered and mitigated and shares key resources that can help.

Comments

The major drawback of relying exclusively on open source projects (and I admit to doing the same at my workplace) is that they are considered "secure and tested" by default. Of course there are projects (e.g., Linux, AES, etc.) that undergo a high level of testing before being released as a new version, but we usually forget that these projects rely on other projects that in turn rely on other projects, and so on. Therefore, the status of individual tests should be checked before any upgrade or installation, running more tests internally (where possible) to ensure a lower level of possible attacks on the supply chain.

Simone-uune

Your level of making things understandable is insane. Thanks for the nice material in this delivery. We have missed you in the IBM videos :D

amigazo

Open source ecosystems have their problems but it's always going to have more eyes than closed systems. There is a problem of a lot of people using open source but not contributing.

rookie

I love these IBM learning videos. They're so lucid and dynamic. Thank you Jeff.

Bobcoolyoung

Excellent description of a timely topic. Thank you!

InvalidPersistentName

The 1000-eye argument is also not valid if you check that some stuff is only maintained by a handful of people.

velo

When you talk about the failure of open source, I would like to share that it's their respective community who encouraged writing hard-coded passwords inside the code; it's not a software failure, rather those communities discourage individuals from writing or making a secure product by not mentioning it in their document. Also, today's processors are advanced and they do in-memory encryption, which can be used by these open source software to secure or turn this failure into success.

computelabs

Open source software can only be secured if the dev or admin knows about security and has audited its software security; otherwise, I can see that if source code is open or available, that does not mean it's secure because source code is available or visible. Any attacker can read the code and design the exploit specifically; overall, the dev or owner should be smart enough to make it secure.

computelabs

How does he mirror write? 🤷🏼‍♂️
Cool video 👍

truffies

Open source is self organizing and more scalable. With open source products, a community of maintainers, contributors, and users share amongst themselves the burden of identifying and solving problems. With closed source products, a handful of employees of an organization must wear all the hats. Closed source is also tempted by "security by obscurity"; a non-option for open source.

bakerkawesa

3:44 As AI advancements come, I am very sure that automated code inspection to find vulnerabilities is very close, when AI finds something it will be derivative to a human being doing a manual inspection.

Great advances in security are coming, much more with the large context windows that are being generated with almost no flaws, will it be with GPT-5, Gemini Ultra 2.0 or Claude 4, or the next generation, I really don't know, but, I'm excited.

libertadtech

Wow... It was 2006-2007... Almost 20 years ago...

rucellegarciano

How'd you get the eyes to blink 😮

spelz

As a developer security by obscurity is my daily business.

Strammeiche

I will still use Linux over window$ any day.

DV-mlfm

Here's a thought: why not train an AI to look for zero-day exploits in open source code? Switching to Linux would then be a no-brainer.

ReefGeoscience

"I can see the source code..." Which you can also do with "proprietary" software, if you have, say, a decompiler. The translation between human-readable code and machine code is far more understandable than say the translation between the English language and Arabic. So no, "proprietary software" isn't a "black box".

karlostj

I remember, our Computer Science 101 Laboratory at the College of Engineering was on Linux. At first, I was surprised how weird it was because our Computer lab in high school was on Windows...

It was my first experience of Linux.

Ubuntu, Linux.

I asked why we were using Linux... And the answer that I got was that it was open source. Again, my first experience of the phrase "open source".

But they also further added that we were using Linux because, compared to Windows, it was more immune to computer viruses... But not totally...

Windows is great... It is preferable but Word, Excel, the whole kit and caboodle, is already not free.

Windows is great but it is not free... And I am in a third world country... So... 🤷

rucellegarciano

It is but like any other system, it can be hacked too🤞🏾

Pem

First, learn what Linux is. This will be a good first step.

gogich