next »

[isthisthingon]

http://www.networkworld.com/news/2010/012710-free-software-cios.html?source=NWWNLE_nlt_daily_am_2010-01-28

Perhaps this is more regional, but from where I sit free software and open source are completely dominant players.  Here's a nice list of 20 free software favorites: http://www.networkworld.com/slideshows/2008/041608-20-free-software-favorites.html

Getting involved in the free software / open source world feels like giving back by doing what I love to do.  It's awesome 

[vsloathe]

Props for Snort, pfSense, etc.

No serious security professional entrusts his network to closed-source software.

[kurdt]

No serious security professional entrusts his network to closed-source software.

But even worse are those security "professionals" who blindly trust open-source software just because it's open-source.

[isthisthingon]

But even worse are those security "professionals" who blindly trust open-source software just because it's open-source.

Never met one but I'm sure they exist.  Being simultaneously blind and open seems less likely than being blind and closed.  In any case, I believe that:

Incompetence is a far greater foe than any technology choice   

[vsloathe]

No serious security professional entrusts his network to closed-source software.

But even worse are those security "professionals" who blindly trust open-source software just because it's open-source.

I don't know anyone like that. Every serious security professional I know has contributed code to an open source product...it's pretty much a prerequisite unless you're a Kevin Mitnick.

I'm not talking about network administrators or even CTO/CIOs here either. I'm talking about *security professionals*.

[vsloathe]

Whitehat Hacker is synonymous with my use of "security professional" in this thread.

Also, even if you "blindly" use open source software because it's open and have never contributed a thing...at least you have the *option* to examine the source. You don't need to allege anything, you don't need to worry or be suspicious of anything...if you have a question, the code is all laid out in very nice, collaboratively-structured format for you to examine.