We all know that viewpoint's nonsense. But I could really use a short, understandable-by-idiots, refutation of the "common sense" view that open source software is "obviously" a security disaster waiting to happen.
The fact that 80% of the internet is running on open source software probably won't cut it. The idiots all "know" that the internet is a dangerous place and clearly everything's held together by string, cobwebs, eggstains, a little glue and the determined efforts of the only software houses worth mentioning, Symantec and Microsoft, and trying to tell them otherwise needs something solid, instant and understandable.
So does anyone have anything helpful -- and preferably unarguable -- I can throw at them?
Still staying general, let's watch out for the word "Idiot." Because even "subconscious insult" one day creeps into places you don't expect!
1. Develop an Open Source Saint. "Two out of three ain't bad" - Meat Loaf. So of "solid, instant and understandable", which two do you keep? I'll leave that for a further discussion. Broad point is, play the 2/3 game hard, let one go (whichever one it is), and slam the other two. "Anderssen Security rated it HIGHER than Microsoft..." or "Costs go down by 30%..." or something.
2. There is no 12-line "crush" of that meme. So you have to slide it in. It will take some work. But maybe get a quiet boss's approval that magically clears your schedule to develop the alternative and have it "flip ready" - something more than a debate point. Do parallel data mgt. I know, I'm a bit out of my depth here, but the general idea is to have already worked behind the scenes at the problem and be damn close to an answer so it's a "Mgt say yes please" discussion rather than a "My word vs his" thing.