Blog @ Athens Digital Week '09

Athens Digital Week (ADW) is a 5 day technology event held in Technopolis, at the center of Athens. It is very promising that one of the nine areas of interest in ADW, is Open Source! The Open Source session was organized on Friday 16th. was invited to give a presentation, titled "Open Source and Security".

In our presentation we tried to make clear that Open Source is more secure, not only because code is open to everyone to read, so bugs and vulnerabilities will eventually be found, but (maybe) more importantly because programmers have to comply with standards to get their code accepted. We also stated that the argument "closed source is more secure because code is a secret" is Nonsense, because there is a plethora of tools available (decompilers, disassemblers, fuzzers etc) that will eventually reveal bugs in closed source. Harder, true, but still vulnerabilities will be found.

On the second part of our presentation, we gave a quick overview of a few successful open source programs related to IT security (backtrack, openssh, tor, aircrack-ng) and noted that these programs often provide 99.x % of what closed source equivalents provide.

The panel also included presentations from (Greek chapter of OWASP), Microsoft Hellas and Athens University. We were lucky to attend Mr Kiagia's presentation on cryptography, where he explained with an intuitive way, why cryptography with closed source programs is a really bad idea.

After the presentations were finished, open discussion took place, where some interesting issues were raised by the audience. For example one attendee asked what needs to be done in order open source to be adopted in Greece. From our side we strongly believe that public sector needs to adopt standards, systems and applications built with open source software. This seems to be the trend in developed European countries after all!

In any case, it has been an interesting Friday night, and it is really promising that Open Source was one of the main areas on such a big event.

Find here our full presentation.