The open source software sharing model can help to spread malware, security firm McAfee has warned.
"There are times when the [open source] community needs to show some restraint, some public responsibility, before sharing with the world," said Jimmy Kuo, senior fellow at McAfee's Avert Labs.
Kuo issued the warning in the inaugural edition of McAfee's Sage publication unveiled today. He pleaded with researchers who discover a vulnerability to wait until a patch is released.
"For some people it is asking a lot to hold back and pass up a chance for self-promotion while letting others quietly save the day," he said.
Malware authors gratefully piggyback on the work of legitimate open source developers, according to McAfee.
The Phalcon-Skism Mass Produced Code Generator, for instance, is a virus creation kit that has been used to author about 15,000 different viruses. It accounted for 46 per cent of all detected malware in 1999.
McAfee said that the rise of botnets is another factor driving the sharing of malware.
Because there is money to be made, malware authors now have an incentive to team up and create effective code, whereas in the past they were mainly seeking bragging rights.
However, Dave Marcus, a security research and communications manager at McAfee, stressed that the company has nothing against open source in general.
"We are not being anti-open source or negative about open source as a movement. We are talking about the open source sharing model and how that has serviced the malware writers over the years," Marcus told vnunet.com.
Marcus added that he cannot see an easy solution. "There is no way to stop sharing this stuff on a public forum like the internet. It's a Catch 22."
Commons Science and Technology Committee calls for new post-Brexit skilled-workers immigration system
Committee calls for visa-free travel and permit-free work for skilled workers
Eleven 'normal' outer moons, and one described as 'oddball' found circling Jupiter
Scientific discovery has found a quadrillion tonnes of diamonds in the earth's mantle
Mobile payment app makes users' details public by default