Simon Bisson (sbisson) wrote,
Simon Bisson

  • Mood:
  • Music:

Open Source vs. Closed Source - no one wins...

A good academic friend pointed out to me the regular meetings of Lonix, and last Tuesday's talk by Ross Anderson in particular.

I signed up, and marypcb and I wandered along, to meet our friend and to here what promised to be an interesting discussion on the economics of security and bug fixing. It was. Perhaps a little light on the mathematics, but it highlighted an interesting application of thermodynamics and auction theory to security analysis - and with an interesting conclusion: that under ideal conditions there is little or no difference between open and closed source development models.

More details of the talk can be found on The Register here, and more on the fascinating topic of security economics can be found on Ross' web site here.

One thought that struck me was that as we look at component architectures, web services and the like, the economic models may need to be expanded to take into account options analysis - especially if at a security architecture level we are deliberately designing in honeypots and the like...
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded