Imagine showing cops and robbers the blueprints to the campus. Then, letting them keep the detailed blueprints to review--over and over again--at their leisure. The robbers would memorize every nuance of the campus layout, and at some point, they'd likely plan a break-in. But on the flip side, the cops would identify security weaknesses--and help eliminate them. Universities that use open source software are facing that very scenario in the digital world. Whether it be a legitimate programmer or a would-be hacker, "everyone" in the open source community has unlimited access to the software's source code. They can spend endless hours examining the code for potential security holes, bugs, and code flaws. And there's no shortage of open source code to examine. Most college campuses are running a mix of open source apps--from Linux and the Apache web server to the MySQL database, Firefox web browser, and Zimbra e-mail--and the list goes on. Darkside hackers (aka crackers) can take a close look at these and other code bases to find holes to potentially exploit. Still, for every bad guy roaming the internet, there are thousands of honest, hard-working open source programmers who review and fix flaws within the code. In this article, the author takes a look at how secure open source is.