Three Ways To Improve Your Open Source Software Security Thinking


Security concerns gained enough traction in January to warrant a summit on OSS security at the White House. And, as global hacks such as SolarWinds have increased, many organisations now want to take the most conservative approach to security possible. I understand. Risk is frightening. However, it is not unique to open source. As a member of the growing open source community, I can’t remain silent as recent events cast doubt on the technology and promise of open source. So, if you only see open source through the narrow lens of security, I want to open your eyes to the opportunities you may be overlooking.

Patching outdated open source security thinking

Dismissing OSS as vulnerable or risky is not only incorrect; it can also be costly. Businesses can benefit greatly from open source development by speeding up deployments and making collaboration easier. And, as the open source community has grown in size and support, the risk landscape has become much more manageable. But if you’re still on the fence, here are three reasons to reconsider your position on open source:

  • A strong community contributes to the security of OSS. Isn’t open source dangerous because anyone can see the code? Yes, and that applies to both the good guys and the bad guys. If I’ve learned anything from attending numerous open-source meetups, it’s that the passion and dedication of its members frequently outweigh the intentions of even the most greedy hackers. We have a tendency to believe that security should be based on secrecy, but history has shown us that this is not the case. Open source levelled the playing field and allowed more minds to examine the problem at the same time.
  • Transparency and adaptability are fueling a new wave of talent. There are nearly 3 billion Android devices in the world, each with an open system that allows for far more customization than Apple devices. With their pocket-sized computing power, Android’s open-source system allows users to make phones mimic their personalities with themes, but they can also become power tools. Just as the Myspace generation learned to code through the social network, open source Android devices in today’s students’ pockets and backpacks could inspire a new generation of tech talent.
  • Open source is the way of the future for inter-company collaboration. Open source is becoming the standard for cross-company collaboration in business-to-business markets and among enterprises. Companies with long histories of proprietary development cycles, such as Microsoft Corp. and Oracle Corp., are embracing this approach. Oracle even consolidates and highlights its developers’ open source efforts in a separate section of its website. This not only helps to legitimise the open source ecosystem, but it also lays the groundwork for official and de facto standards that will ensure open source has a permanent place in even the most complex development ecosystems.

Despite recent headlines and growing pains, open source software continues to provide a valuable opportunity for growth and innovation. Its growing influence is difficult to deny, and with a passionate community behind it, it is difficult to doubt.

