Why Sardonix Failed
Hal Flynn, 2004-02-04

The DARPA-funded security auditing project was done in by its own obscurity, and some misconceptions about what security researchers really want.

Why Sardonix Failed 2004-02-05
Anonymous
Quote: "The success of Sardonix would have proved a key argument that open-source advocates have used to lend validity to the cause since time immemorial: that open-source software is more secure because the source is available to the world to be audited. The project's failure is a reminder that the statement is a myth."

It seems that the project failed because it was offering something to the open-source community that they didn't want, not because open-source programmers really only look for bugs to later exploit them, as the author suggests. The author and the creators of Sardonix must be convinced that open-source code revisionists practice their skills to reap some sort of benefit in the form of fame, credibility, or the option of future exploitation... yet they ignore the possibility that some programmers do what they do simply because they like to. Enjoying programming and providing your work to others without actively seeking benefit is what started the open-source movement; this concept, however, seems to have eluded the Micro$oft-minded individual who created this piece.


Link to this comment: http://www.securityfocus.com/comments/columns/218/24862#24862

Copyright 2009, SecurityFocus