Microsoft’s Many Eyeballs and the Security Development Lifecycle

Posted by Scott_Ruecker on Feb 16, 2010 11:55 AM EDT
Thinking About Security; By Shawn Hernan

Eric S. Raymond wrote, “Given enough eyeballs, all bugs are shallow.” He calls this Linus’ law. The open source community uses this argument to assert that open source software is more secure than proprietary software. Advocates of proprietary software attack this argument on a variety of grounds, but here’s a little secret: Raymond was right. One cannot deny the logic. In fact, it is a tautology. If you assume that all individuals have a non-zero probability of finding and fixing a bug, then all you need is “enough” individuals. A million monkeys banging on a million keyboards will eventually produce Twelfth Night. Mathematically, the many-eyeballs argument and the million-monkeys argument are equivalent.
