news.com.com — The most popular open-source software is also the most free of bugs, according to the first results of a U.S. government-sponsored effort to help make such software as secure as possible.
Mar 7, 2006
stoops, Mar 7, 2006
I think Microsoft should take note. OpenSource is gonna rule the world man, one day.
neuronbasher, Mar 7, 2006
While Linux, Apache, MySQL and PHP are a very powerful tool for developing online applications, the security aspects are overblown. Sure, the framework components themselves (i.e., Linux, Apache, etc.) are reasonably secure, but I have seen mounds of truly abhorrent PHP code over the years. I suspect, though I have no data to back this up, that the incidence of security holes in PHP-based software out there is extremely high. There are countless examples of widespread security holes over the years in things like phpBB, phpNuke, and other popular PHP applications. Bottom line, the security of the underlying technology doesn't make up for piss-poor coding at the application level.
cbreaker, Mar 7, 2006
It's been generally accepted to include PHP/Perl/Python into the "P" these days.
cbreaker, Mar 7, 2006
Who forgets?
ericthedude, Mar 7, 2006
Apache, MySQL, and PHP come standard in OS X. Apple has already taken note.
jnitz36, Mar 8, 2006
NeuronBasher: very good point. I would have posted a similar comment but you did a fine job. I run a forum with phpBB and have to update it frequently to keep up with mounting PHP (and other) bugs. Everyone loves to blame Windows, but if you follow bug tracking websites, you will find an amazing amount of bugs in all software, especially open source software. My database is very valuable to me and my community, and forum software that uses PHP can put the data at risk so I have to keep updated. I dread the patches that get released late Friday afternoon right before the weekend kicks off, but hey, I love the open source community and the power of LAMP so if I have to keep updated on patches to protect the setup, then I will do so. The benefits are great.
nagone, Mar 8, 2006
Actually, P stands for Perl, PHP, Python and Ruby (because R is a P with a little thing hanging down).