The Security of Free Software

With this article I want to point out how Free Software provides a secure environment and how important the community is.
Security is not limited to "technology to keep crackers away from your data"; it is also about secured freedom. Just as laws in many countries ensure that you have the right to voice your opinion, Free Software secures its own freedom through its licenses.


Freedom is important to every human being. We do not want to be limited or restricted in any way.
But why do so many people not break out of the restrictions nonfree software imposes on them and choose to use Free Software?
Freedom is important in every aspect of life. This does not only include the freedom of speech, but also freedom in computing and the freedom to research.


"True Freeness" symbolizes software that does not restrict you in any way. You may use it for whatever you see fit, you may examine or even change the code, and you may freely distribute it. This is what makes Free Software different.
It does not impose legal limitations on you, such as denying you the right to do whatever you want with your software. Nonfree software is not sold; you only buy the right to use it in the way the manufacturer wants you to use it.
Free Software also does not restrict you in technical ways. If the program basically fits what you need, but you need a few little changes here and there, you are free to adjust the program to your needs.


The "Community Effect" is what keeps your software free, or, if you want to say so, secures the freedom of your software.
This is due to what I like to call the "Las Vegas Analogy": "What happens in the community, stays in the community."
What this means is that once a piece of code is in the community, it will stay in the community. If a company later decides to change the license of its product to a nonfree license, it is quite likely that the community will use the last free version to create a fork of that program and continue to maintain it as free software.
The "Community Effect" also plays a great role in "Linus's Law", and thereby keeps free software secure. But more about that a bit later.


As with secured freedom it is important to have secure technology. In the same way you don't want to be restricted in how you use your software, you do want to restrict others from breaking into your system to steal or manipulate your data.
Here is why Free Software does not only secure your freedom, but also your technological environment.


This sentence has been branded "Linus's Law" by Eric S. Raymond, named after the person who, unknowingly, started a revolution.
It basically says that if there are enough people working on a problem, it will eventually get solved.
Not all bugs may be shallow just because enough people look at them, but they are still much more likely to be discovered and fixed.
Finding bugs and security problems in nonfree software requires experimenting, which takes time, and might even bring up results that cannot be reproduced in the same way on another machine. And some flaws might not even be found for years.
Since with Free Software everybody has the possibility to browse through the source code, bugs can be found, described and patched a lot more easily, which results in a shorter period of time in which your system is vulnerable to the latest threats.


Interestingly, many algorithms for encryption are freely available. You would think that this is something that should be kept secret at all cost, in order to not compromise the encryption method.
Yet it is good to have many people trying to break a method by analyzing the code. If this analysis shows that a cryptographic algorithm is secure, then it is a sign of quality. This actually is another example of "Linus's Law".
Closed algorithms, on the other hand, cannot be tested that easily and, as with nonfree software, this might result in flaws not being found for a long time.
But the fact that flaws have not been found does not mean they are not there, or even that they are unknown. There are enough people who might not want to disclose information about security problems so that they can be fixed, but would rather use them for their own purposes.


It can all pretty much be summed up by the "Community Effect".
Not only is the Free Software Community active and growing, it is also a community full of capable people: capable of modifying and fixing code, and even of forking and maintaining a program if license politics make it necessary.
The "Community Effect" is also responsible for the security of free software. Many people invest time in examining the code that most people just use, looking for security problems and fixing them. This keeps free software secure.
Through these principles, "True Freeness", the "Community Effect", the "Las Vegas Analogy" and "Linus's Law", Free Software provides secure freedom and secure technology, which together form a secure environment.


Nice article. Indeed, freedom and security go hand in hand and fewer barriers do not necessarily mean more security.

One thought though, for the sake of the discussion. Considering that the amount of Free Software users is growing, we could assume that there is also an increasing number of people with malicious intentions. There are then basically three groups of people among all Free Software users: those who just use it without contributing, those who use it and lay their eyes on the code trying to find bugs to fix (including security issues), and those who lay their eyes on the code in order to find bugs to exploit.

The first group is basically on the neutral ground, but the "war" is essentially between the second two groups. Would one have to outnumber the other to win? In other words, would those who fix bugs have to outnumber those who exploit bugs in order for us to have a technologically secure environment, even if all code is Free Software?
