Symantec weighs in to open source security debate

A senior executive of one of the world's largest IT security companies, Symantec, waved a red rag at the open source software community yesterday.Microsoft has continually had the dunce cap pulled over its ears as the Internet struggles with a deluge of virus and spam activity, accused of leaving a smorgasbord of vulnerabilities in its products for miscreants to exploit.

A senior executive of one of the world's largest IT security companies, Symantec, waved a red rag at the open source software community yesterday.

Microsoft has continually had the dunce cap pulled over its ears as the Internet struggles with a deluge of virus and spam activity, accused of leaving a smorgasbord of vulnerabilities in its products for miscreants to exploit.

However, commenting on the situation at IDC Security Vision event in Sydney, Symantec Asia-Pacific vice-president Vince Steckler said today's open source operating systems wouldn't fare any better if they were more dominant than their proprietary counterparts.

"If 90 percent of the world started using open source tomorrow we'd still have the same problems," said Steckler.

Steckler also claimed that "some would argue" that the situation would be worse were the shoe to be on the other foot, but did not name his sources.

Richard Cullen, technical manager with SurfControl, who was also present at the event, agreed that Microsoft's ubiquity placed it under more scrutiny from crackers, but he was less definitive about the question at the heart of the issue: which operating system is more secure?

"[Open source] is more open to public scrutiny because the source code is always available, but it tends to be created by an ad hoc collection of software developers, rather than a dedicated team," said Cullen.

"I'm not sure I have an answer for you".