Linux shown to be more secure

Internetnews.com reports on a new study which has found that Linux is more secure than most commercial software — results that echo what its proponents have long said.

A four-year study released today by Coverity, reports Linux has a low bug count, making the code more stable and secure. The 2.6 Linux production kernel, now being shipped with software from Novell and other Linux vendors, contains 985 bugs in 5.7 million lines of code, far below the industry average, said Seth Hallem, Coverity’s CEO.

“Our findings show that Linux contains an extremely low defect rate and is evidence of the strong security of Linux,” Hallem said. “Many security holes in software are the result of software bugs that can be eliminated with good programming processes.”

Commercial software contains 20 to 30 bugs for every thousand lines of code, according to Carnegie Mellon University’s CyLab Sustainable Computing Consortium. That is the equivalent to 114,000 to 171,000 bugs in 5.7 million lines of code.

“Linux has continually improved over the period since we first began analyzing it,” Hallem said, adding that open source has a big advantage, because so many eyes had the opportunity to search it for flaws.