I think that most open source software are probably less safer than commercial software, the big difference is that most attackers focus their efforts on commercial software
You said: Most attackers focus their efforts on commercial software like Microsoft Windows, but commercial software is safer.
That doesn't make any sense. It seems like you're contradicting yourself.
With closed-source "commercial" software, it may be difficult or impossible to review and test the software.
Open source software is not automatically "safer" than commercial software. But open source software encourages peer review. You can examine the software and decide for yourself if it is safe or not. With proprietary software, you only know what the vendor tells you -- and no vendor is going to admit that their software may be buggy and insecure.
There is a big difference between how both worlds work.
When a programmer find a security bug in an open source software it will probably report it to the project team and they will fix it. If the same happend with a commercial software it will probably sell it to the black market.
... no vendor is going to admit that their software may be buggy and insecure.
I'm not so sure of that, If we take Microsoft as an example they admit that their software is insecure with every security patch they release.
This is like asking, which car is the safest? To answer this question, one would have to go through demolating(crash testing) many cars. There is however another way. You create a list of your requirements, you embark on a search to find the "ideal" car based on your requirements/needs. After purchase, you proceed with taking your car for inspections. The car is then brought up to a standard (safe enough for driving). Then your car, based upon your requirements(which your car is bought upon) is safe.
Then again, the safest car would be one that does not dent or crunch when invloved in a an accident.
I would assume that most attackers focus their efforts on the most popular (that is, most commonly used) software. Therefore the distinction between commercial and open source is not important.
You said: Most attackers
You said: Most attackers focus their efforts on commercial software like Microsoft Windows, but commercial software is safer.
That doesn't make any sense. It seems like you're contradicting yourself.
With closed-source "commercial" software, it may be difficult or impossible to review and test the software.
Open source software is not automatically "safer" than commercial software. But open source software encourages peer review. You can examine the software and decide for yourself if it is safe or not. With proprietary software, you only know what the vendor tells you -- and no vendor is going to admit that their software may be buggy and insecure.
Of course, I agree. There
Of course, I agree.
There is a big difference between how both worlds work.
When a programmer find a security bug in an open source software it will probably report it to the project team and they will fix it. If the same happend with a commercial software it will probably sell it to the black market.
I'm not so sure of that, If we take Microsoft as an example they admit that their software is insecure with every security patch they release.
This is like asking, which
This is like asking, which car is the safest? To answer this question, one would have to go through demolating(crash testing) many cars. There is however another way. You create a list of your requirements, you embark on a search to find the "ideal" car based on your requirements/needs. After purchase, you proceed with taking your car for inspections. The car is then brought up to a standard (safe enough for driving). Then your car, based upon your requirements(which your car is bought upon) is safe.
Then again, the safest car would be one that does not dent or crunch when invloved in a an accident.
it depends
I would assume that most attackers focus their efforts on the most popular (that is, most commonly used) software. Therefore the distinction between commercial and open source is not important.