Silber said Ubuntu for Android would be released under an open source
license, but that Canonical expects it to mostly be pre-installed on
specific hardware.
-- Jane Silber, Canonical CEO in PC Pro
Open source is not inherently safer. It might be a little bit, due to the following reasons:
- Potentially more people look at the code, so bugs allowing for security vulnerabilities are more easily spotted. (Also, it's not true that open source means attackers can just slip in hacks, as some people might be led to think - code is still checked before included in any project. Unless of course the project itself is malicious.)
- An openly governed project creates an ethos of contributing back, e.g. when a security flaw is found, this is reported (and subsequently fixed), rather than exploited).
- The creators of an open source project often have no incentive to deny that vulnerabilities exist until a fix is found -- the more people know about it, the more likely it is someone will know how to fix this.
This will only marginally make it safer, though, since bugs will still exist and people will be using their powers for Bad rather than Good.
When it comes to Ubuntu and all other Linux distributions, though, fact is that it has been designed from the ground up from a multi-user perspective, with one user being able to make modifications to the system and the rest only being allowed to change what's relevant to them - in Windows this was rather tacked on later on (though probably works pretty well by now (Windows 7)).
Still, one could easily write a virus that removes all of a user's personal files. The biggest reason for there being no virus for Ubuntu, is simply that it has a really, really small market share. Thus, there is little to gain and little incentive for a hacker to go through the extra trouble of supporting Ubuntu when they could just target Windows and gain a lot. That, and users of Linux are often more well-versed technically, so would be less likely to install something of which they do not know what it does (though then again, the absence of viruses may lead them to trust everything they download).
(Then again, Ubuntu's update model, among others, is much better than Windows's, meaning that fixed for vulnerabilities can be distributed far quicker.)
Best Answer
This is not a simple question at all.
As well as Debian’s one, official repository of Ubuntu includes free (mostly) and some non-free software in different sections, but their names are not so clear:
main
anduniverse
consist of free packages,restricted
andmultiverse
– of non-free. Some of packages in the latter two could be really necessary to use you PC (like some firmwares and some drivers), but the rest are not.Moreover, Ubuntu makes installing non-free software easy enough to be installed accidentely without realizing what did you install.
If you are concerned about non-free software on your PC, you might use
aptitude
to find out whether anything non-free is installed:or install a small utility
vrms
, and ask it:If you are conserned a lot about using only free software, you might consider installing a Trisquel GNU/Linux, which is basically completely free Ubuntu.
As for the term ‘open source’, if you just use it as a synonym to ‘free / libre’, see all the above. But if you cares about Open Source Initiative opinion and want to follow it strictly (there are actually few who do it, but if), then even the
main
anduniverse
sections of repository includes some software, which is not ‘open source’ according to OSI: OpenSSL is a most notable example. Yes, OpenSSL cannot be technically called ‘open source’ according to OSI (despite the http://openssl.org states the opposite), since its license is basically conjunction of license of SSLeay and 4-clause BSD License, so it inherited obnoxious BSD advertising clause, which is not OSI-approved.