Listen, we get it. A better mousetrap comes to market, captures the industry\u2019s attention and imagination and suddenly the executive team tells their PR agency to go all brass knuckle FUD on them (but black ops of course).<\/p>\n
Recently a few reporter friends sent us an email they got from Lewis PR \u2013 who represents Accellion.<\/p>\n
Here\u2019s our favorite line from the account executive from Lewis PR: \u201cWith questions still remaining around open source and security, Accellion\u2019s closed eco-system is far more proven\u2026\u201d Closely followed by: \u201cThe NSA scandal has rightly cast a spotlight on issues with public cloud, but at the end of the day, open source too has been prone to vulnerabilities.\u201d<\/p>\n
\u201cProne to vulnerabilities\u201d?? \u201cQuestions still remaining?? YIKES!!<\/p>\n
Everyone get off Google NOW, and no more Amazon!! In fact, considering most of the world\u2019s enterprises run significant amounts of open source software \u2026 RUN, RUN RUN FOR THE HILLS!!! I wonder if Lewis PR clients Mozilla and 10Gen know how their agency feels about them.<\/p>\n
Ok, I\u2019ll stop the hyperbole now and address this FUD publicly (as Accellion should have done if they actually believed it). We double-checked the email from Lewis PR, but couldn\u2019t find any facts behind their statements, so we thought we\u2019d provide them ourselves. Mind you, there have been few credible complaints about OSS security in 5+ years, but still\u2026<\/p>\n
So let\u2019s start<\/a> with Josh Bressers<\/a>, a senior security engineer at Red Hat explaining why open source really is the best model for building secure software.<\/p>\n \u201c“We don’t have clothes on,“ said Bressers.<\/p>\n He didn’t mean that they sit around Red Hat central naked – let’s hope that’s not what he meant. No, what Bressers meant was that in the open source world everything is visible.<\/p>\n „We have no secrets,“ he said. „We can’t sneak a security patch in. You can just look at the source code.“<\/p>\n \u201cBut in the closed source world, you have to trust your vendor completely. All you get to see are binaries, so you have no way of knowing how they were built.\u201d\u201d<\/p>\n How about North Bridge Venture Partners<\/a> and Black Duck Software<\/a>\u2019s seventh annual Future of Open Source Survey<\/a>. Said Michael J. Skok, general partner at North Bridge Venture Partners. „This year’s results signal a shift in reasons why open source is chosen over proprietary alternatives. Increasingly, enterprises see it as leading innovation, delivering higher quality and driving growth rather than being just a free or low-cost alternative. Going forward, as broader adoption creates a virtuous cycle of innovation and investment, we can expect more disruption from open source, new business models and many more exciting new projects and companies.“<\/p>\n