The Success of Products Like Apache and Linux has Propelled Increased Awareness and Adoption of Open Source Software
Hemant K. Jain, UWM Sheldon B. Lubar School of Business
Balaji Rajagopalan, Oakland University
Nitin Walia, UWM Sheldon B. Lubar School of Business
Despite increased adoption of OSS products, questions about their security and reliability remain. Using four popular OSS and proprietary products as an initial sample, we examine the vulnerability patterns in OSS and proprietary products. Our analysis suggests that for both proprietary and open source products, in general, severe vulnerabilities are identified relatively late in the product's life and continue to emerge months after the software release. In particular, contrary to expectations, detection of vulnerabilities is no faster in open source than proprietary products. However, open source products had a lower count of vulnerabilities at all levels of severity compared to proprietary products. We propose a conceptual framework to explain the variations in vulnerabilities between the open source and proprietary products.
To further strengthen, substantiate, and expand our first study, we intend to use the SourceForge.net data we received to expand our data sample and perform a comparative study of open source software and proprietary software.