This week has been pretty embarrassing for GNU/Linux estimators. According to ArsTechnica a bug has been found on the GnuTLS library. Basically the authenticity of SSL/TLS certificates was not granted (a similar issue has been found recently on Apple iOS - I mentioned it here).

This bug is present since 2005 (a century in computer science) and it seems to affect a wide range of devices - not only PCs.

During these days I've read several commentators pointing their fingers against the open source philosophy. Probably they are the same people that exult when an error is found on Wikipedia.

To those, I just want to remind that, for example, inside Windows XP Professional there are still 44 unpatched vulnerabilities and a couple of them are present since 2003 (two centuries in computer science).

What we can say is that software - every software - has bugs (by design, let me say). What makes the difference is the speed in fixing them once they have been discovered. And in this case the open source community has been very fast.

So, if you are asking me if open source is perfect, I have to say no. But, in my opinion, is better than closed source under many points of view. And bug fixing is one of them.

Image taken from here (license unknown).