Linux kernel security uproar: What some people missed
2021-04-27 11:47

Recently the Linux kernel community was aflame due to efforts by researchers at the University of Minnesota to intentionally torpedo Linux security by submitting faulty patches.

Organizations of all sizes have depended upon Linux for performance and security for decades; in fact, those same organizations depend upon a wide array of open source software generally.

This doesn't mean that open source, generally, or the Linux kernel, specifically, is somehow impervious to security flaws.

If security problems aren't fixed pronto, the open source project will be labeled as lame by users, who will move on to the next option.

Later, I expressed similar thoughts, arguing that "Open source software isn't inherently more secure, rather it offers an inherently better process for securing code. Bugs in open source code, when uncovered, are quickly fixed through an open process." As such, the fact that University of Minnesota researchers were able to inject flaws into the Linux kernel isn't the real story.

Nor is the story that the kernel community caught the bad actor before the code shipped in production, though that is a real benefit of open source development practices.


News URL

https://www.techrepublic.com/article/linux-kernel-security-uproar-what-some-people-missed/#ftag=RSS56d97e7

Related vendor

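| Vendor | Last 12M | #/Products | Low | Medium | High | Critical | Total vulns |
|--------|----------|------------|-----|--------|------|----------|-------------|
| Linux  |          | 17         | 392 | 2104   | 1389 | 667      | 4552        |
| Kernel |          | 4          | 2   | 8      | 5    | 0        | 15          |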