[OGRUG] " departments are concerned about security"
On Tue, Aug 9, 2016, Abdool Yasseen wrote:
Just a point to note when thinking about applying freeware in institution settings,
Still, I can imagine how this issue may make a few directors nervous.
They may be nervous, but this is due in large part to conflating the concepts of freeware and Free Software. Freeware is typically a binary executable of unknown provenance, and frequently contains malware. The developers are unknown, and there is little risk to them if their program does bad things to the users' computers. Free Software is software for which the source code is available, and typically is developed in an open and transparent way. In many cases (including R), the developers are well-known and respected domain experts. While it's unlikely an average R user has the time or expertise to validate the security of the code they use, there are many expert users that do. Furthermore, the domain experts behind it would risk their reputations and careers should they engage in anything nefarious. It would be possible to use R as an infection vector, but the effort required to entice a naive user into running malicious R code would be far greater, and the target group far smaller, than a standard phishing email scam. On the other hand, there are many serious benefits to using Free Software, some of which are detailed in the links Joseph provided. Best, Tyler