Nope. I am serious

In case you hadn't noticed, I tend to be somewhat of a late adopter. And for late adopters, open source has fewer bugs, and the bugs that do exist are less troublesome.

This is a consequence of the dynamics explored in [link|http://www.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf|http://www.cl.cam.ac...ja14/toulouse.pdf] which finds that to first order effects, one expects open source to be equally secure with closed source. Equally secure because the added ease of finding bugs balances out the added rate of locating and fixing to result in a wash. Therefore the ease of finding security holes (to first order) is expected to remain the same.

Which means that with open source - investigating with source available - it should be about as easy to find and positively identify a bug as it is with closed source without source at the same stage in the software's development. But the flip side of that is that you run across bugs by accident less often with open source.

To take the example that you gave, as you know within the last year I found and fixed a bug in how CGI.pm handled aborted POST submissions when it was not a multi-part form. Without access to source I would still be shrugging my shoulders over a couple of isolated reports of strange behaviour.

By contrast with manipulating Access via OLE in Perl I have a couple of isolated freezes. I have no idea what to do next. Some of the code is "source available" but I am not allowed to actually edit it. Most of the layers are proprietary. I am sure that there are lots of bugs. If I had the source and the time to learn it I could probably find a lot of bugs. I might or might not find mine. Without details I don't really have anything that I can submit as a bug report...

I do submit bug reports routinely. On both open and closed source programs. Bugs submitted on open source get more of a response. For instance a few I submitted last summer on DBD::Sybase got feedback and fixes. Microsoft has not even acknowledged a bug I submitted about their handling of cut-and-paste from Excel 2002 to text. (Take a spreadsheet with cells with a cell with a double-quote. Cut and paste to notepad. Save. Try to open that in Excel. You get data corruption. Save the spreadsheet as text, open. No data corruption. In cut-and-paste they don't decide to quote cells with " in them and should. In a file save they do.)

So yes, I do run into fewer bugs with open source, and I find the ones that I run into less troublesome. Really. :-)

Cheers,
Ben

Welcome to IWETHEY!