On Thu, 2002-06-20 at 21:57, Andrew Plato wrote: > I'd be interested in seeing a study like that. I wonder what the mean time between discovery of a problem and a widely acceptable fix being available is for open-source vs. closed source? My intuition tells me that close-source may take longer to acknowledge and come up with a fix, but it can spread that repair out quicker because it has a more organized notification channel. Where as open-source might repair the problem faster, but spreading it out to users would be slower because there is a lack of centralized coordination. I would speculate then, that the same conclusion would result...open and closed source would have about the same real-world response time. > > I could cite an example...when IIS has a bug we hear about it all over the news which would prompt people to get the update. But when a new version of Snort comes out that repairs some bug, people don't know about it until they happen to stop by the Snort site and notice that there has been a version update. > Andrew, you need to wrap lines. IIS is a bad example, in oh so many ways. The reason you here news on it is its a Monopoly Company program. Also the flaw is almost always published first. Now look at response time to lesser known programs that don;t make CNN. I think you will see very low lead times. Also closed-source does not define in any way a better understanding of the user base. If Company X used Company Y's tech that now has a hole, does the user know? > Andrew Plato > -- Zot O'Connor http://www.ZotConsulting.com http://www.WhiteKnightHackers.com
This archive was generated by hypermail 2b30 : Sun Jun 23 2002 - 04:35:17 PDT