Open source software is also called „Free Software,“ „Free Software,“ „Free/Open Source Software (FOSS or F/OSS) “ and „Free/Free/Open Source Software (FLOSS).“ The term „free software“ is „free software,“ but the term „free software“ has sometimes been misinterpreted as „no cost,“ which is not the intended meaning in this context. („Free“ in „Free Software“ refers to freedom, not price.) The term „open source software“ is sometimes referred to as „open source software.“ Clarke, G., October 27, 2009, „US DoD sniffs open-source misunderstandings,“ The Register. Keywords: FOSS, free and open-source software, open source software, OSS Yes; Why open source software /free software (OSS/FS, FLOSS or FOSS)? Look at the numbers! is a survey document that „provides quantitative data that, in many cases, the use of free/free software (OSS/FS, FLOSS or FOSS) is a reasonable or even superior approach to using their proprietary competition in different measures. (his) The goal is to show that you should consider using OSS/FS when acquiring software. It draws attention to various studies on market share, reliability, performance, scalability, safety and overall operating costs. The DoD has chosen to use the term „open source software“ (OSS) in its official policy documents. Similarly, OSS (as well as proprietary software) may indeed have integrated the malicious code into it. However, this malicious code cannot be inserted directly by „only someone“ in an established OSS project. As mentioned above, OSS projects have a „trusted repository“ that only some developers (trusted developers) can directly modify. Also, since the source code is published publicly, anyone can verify it, even for the possibility of malicious code.
The publication also allows you to have copies of versions in many places and compare those versions, allowing many people to easily check for changes. Many see this opening as an advantage for OSS, as OSS better meets the Saltzer-Schroeder principle („The protection mechanism should not depend on the attacker`s ignorance“). It is not just theoretical; In 2003, the linux kernel development process withstood an attack. Similarly, SourceForge/Apache (2001) and Debian (2003) responded to external attacks. As with proprietary software, potential users should consider the reputation of the vendor (the OSS project) and the experience of other users in order to reduce the risk of running malicious code, prefer software with a large number of users, and ensure that they receive the „real“ software rather than a copycat (z.B of the project`s main site or trusted distributor). Where important, it may also be useful to review the vendor`s security situation (the OSS project) and scan/test/analyze the software.