Wired News have posted an article about the closed vs. open source debate, in which they say that James Gosling, widely acknowledged as the creator of Java, slammed Apple at Sun’s JavaOne Conference this Thursday.
As an example of problems he said he believes are caused by closed-source development, Gosling slammed Apple, saying that the company doesn’t provide enough information about its programming bugs and security flaws.
“You don’t know what's going on in that code,” said Gosling about Apple.
Now this is pretty cheeky. Apple have actually released most of the components of their operating system under some type of open source license, omitting mainly the GUI parts—which are less likely to contain security flaws. When you consider this, it becomes clear that James Gosling was actually engaging in a point-scoring exercise with his audience, by capitalising on recent criticisms of Apple in some sections of the computer press. Generally speaking, I have to say that I think that criticism has been unfair and is really a result of the existence of a large body of vociferous Windows devotees who for some reason feel the need to devote a large amount of time to finding ways to claim that Windows is in some way better than a Mac (thereby missing completely the point that Windows is a piece of software, whereas the Mac is a computer, and a very nicely designed one at that).
Some of the points that have been made are clearly valid, but I don't agree that immediately informing the world of every security hole is always the best way to approach a problem. In the PC world, every time a new hole is reported by CERT or BugTraq, a spate of new viruses are created that exploit the flaw. Even if you wait until a patch is available before detailing the vulnerability, the chances are that many users won't have applied it.
I don't agree with total secrecy either, of course. But I bet that Apple keeping things close to their chest is one of the factors behind the current lack of Mac malware.