Personal tools
You are here: Home fsc FAQ Secure with Free Software

Logo Provinz Bozen

 

Logo Stiftung Sparkasse

                                                                                    

 TIS innovation park, p. iva IT 01677580217

 

How secure can you feel with Free Software?

The notion of “security” does not describe the actual condition of IT systems. IT security is not even a product, rather it is a process. The main objective is and will always be to prevent anything and anyone from performing undesirable actions in one’s computer or to stop such actions. Thus, IT security is guaranteed when everything continues to be as it should be. For one’s IT security, it is therefore necessary to define the meaning of “everything”, “continues” and “should be”! The computer, the operating system, the programs and the data stored in a PC are part of all this, as are the networks to which a PC is probably connected. In any case, the main principle to follow is based on the idea that an IT system can be judged secure when the efforts needed to enter the system are higher than the benefits that the intruder could obtain. Moreover, those opting for Free Software already have an advantage in terms of security. After all, Free Software provides access to the source code and relies on the fact that possible errors or disruption attempts may be quickly found out and eliminated.


Who doesn’t want to feel secure?
There are people climbing mountains without ropes and protection, people skiing fast without helmet or driving at high speed and not wearing a safety belt. However, generally, most people feel the need for safety and security. Who would accept to run unsustainable risks and look for danger without careful thought? Security also plays a fundamental role in abstract situations, e.g. in financial investments. In whatever field people may have to address the issue of safety and security, it is always a matter of approximation. Who can guarantee 100% security and totally exclude all the risks? How secure we may feel and which risks may be considered sustainable depend on several factors. In this respect, every single person can give a subjective and individual assessment. Security plays an essential role in the world of bits and bytes as well. The following principle is valid in this world: an IT system can be considered secure whenever the efforts needed to attack it are higher than the advantages that could be obtained by the intruder. For this reason, it is important to obstruct attacks as much as possible and, consequently, reduce the risks.


You can never feel secure enough!
At the beginning of the computer era, security meant that hardware worked without problems and that there were no failures, e.g. affecting tapes or other mechanical components. Then, attention was directed to software as well: are programs installed in security? Will the operating system have a crash? Is there enough memory? With the development of new memory devices, many new elements threatening IT security emerged. Virus, trojan, worm, spoofing, phishing, pharming or vishing. All these and other techniques to attack computers may expose computers to danger. Therefore every user needs to deal with the issue of “IT security”. Furthermore, nowadays this issue does not only involve hardware and software security, but it also concerns data protection, privacy and anonymity, secure data transferring, data coding and authenticity testing. The notion of “security” in the IT sector changes continuously and mirrors the technological advances of a certain time.


Greater security with Free Software
There are several good reasons why Free Software can offer greater security. In this respect, the very premise at the basis of the creation of Free Software should not be underestimated. In general, Free Software is created because developers need programs to solve problems, or simply because they enjoy programming. Since Free Software is programmed to meet technical needs and not commercial objectives, there are no deadlines, economic limitations or managerial directives. Working in freedom and following the motto “it’s ready when it’s ready”, Free Software can be developed without production pressures and can be released after all faults have been eliminated. However, the true reason why Free Software offers greater security than proprietary software lies elsewhere. The difference is that Free Software has an open source code, which means that everybody can have access to it and use it. 


No waiting for secure versions
Since everybody can have access to Free Software codes, programmers should be aware that a fuzzy source code full of mistakes will not be accepted. However, the most important factor is that having an open and flexible source code can lead to prompt corrections of possible weak points, faults or errors affecting security, as well as a rapid response to external attacks, which can then be dealt with and repelled. Obviously, relevant technical skills are essential and there are thousands of volunteer programmers or hackers (i.e. people finding errors in programs and not exploiting possible faults) ready to give their help and competence from all over the world. It is worth considering that the more errors hackers can find, the higher their reputation becomes. Thus, the advantages of Free Software are more than clear: users of proprietary software are constantly exposed to the danger of crackers, who may find a fault and exploit it until the owner responds with a “secure” version of the program. On the other hand, Free Software users can count on the fact that in case of difficulty, within a few hours, somebody in the world will discover the problem and solve it. Moreover, a secure and free update is available on the Internet.