Mårten Mickos is one of the most respected luminaries of the Open Source world. He served as the CEO of MySQL AB in its prime, and today he serves as the CEO of HackerOne. I sat down with Mickos to understand the purpose of HackerOne and his perspective on the security of open source software.
People often say that Open Source is secure by design. But the fact is that no software, whether it’s open or closed source, is secure. In the past few years, we have seen a spike in vulnerabilities in Open Source software.
This is not because open source is becoming vulnerable; it’s because open source is becoming mainstream. Two factors seem to contribute to the surge in vulnerabilities: one is that open source technologies like Linux have grown beyond their niche and are being used in new markets; the second is that this growth has created a substantial user base that makes a tempting target.
“The number of connected devices and servers has grown enormously in the past years,” said Mickos. “Criminals go where the attractive targets are. There is this old joke, ‘why do you rob banks?’ Well, that’s where the money is.”
The open source community has started to feel the heat. At the previous LinuxCon, Linus Torvalds made a call to hackers to join the kernel community. “There are smart people doing bad things. I wish they were on our side, and they could help us,” he said. “I want us to get as many smart people as we can before they turn to the dark side.”
HackerOne is doing that job. It’s bringing those hackers to the good side. “HackerOne has built a community of white hat hackers who will come and hack your systems to find vulnerabilities and report them so you can fix them before criminals could use them,” said Mickos.
Check out the whole interview on YouTube:
- Intro to HackerOne
- Open Source is more secure than proprietary software
- Reason for spike in vulnerabilities in Open Source
- Can software be secure by design?
- Security is not a tech problem, it’s a human problem
- We need regulations and public awareness
- There are more white hat hackers than black hat hackers
- Role of media in promoting open source
- Open Source is the future of technology