Guest Editorial: Thoughts on secure operating systems
1. Professor Spafford's complaint about the "provenance" of code in Linux's open development model is unfounded. There is no assurance that any software development effort is free from people who have bad intent or who just write lousy software. The US government's highest security agencies have discovered spies working at the most trusted levels - does anyone realistically expect that software companies will adopt more rigorous screening than the CIA? In any case, it's not clear that it is easier to get code into Linux than it is to get code into other operating systems.
The link for this article located at linuxdevices.com is no longer available.