1680
It's Open Source! (lemmy.dbzer0.com)
submitted 1 year ago* (last edited 1 year ago) by 001100010010@lemmy.dbzer0.com to c/memes@lemmy.ml

Not discrediting Open Source Software, but nothing is 100% safe.

you are viewing a single comment's thread
view the rest of the comments
[-] nous@programming.dev 0 points 1 year ago

Also, just because you can see the source code does not mean it has been audited, and just because you cannot see the source code does not mean it has not been audited. A company has a lot more money to spend on hiring people and external teams to audit their code (without needing to reverse engineer it). More so than some single developer does for their OSS project, even if most of the internet relies on it (see openssl).

[-] DrJenkem@lemmy.blugatch.tube 5 points 1 year ago

And just because a company has the money to spend on audits doesn't mean they did, and even when they did, doesn't mean they acted on the results. Moreover, just because code was audited doesn't mean all of the security issues were identified.

[-] nous@programming.dev 1 points 1 year ago

Yup, all reasons why it does not matter if the software is open or closed as to how secure it might be. Both open and closed source code can be developed in a more or less secure fashion. Just because something could be done does not mean it has been done.

[-] DrJenkem@lemmy.blugatch.tube 1 points 1 year ago

Nah I wouldn't say that. Especially if you consider privacy a component to security. The fact that a piece of software can more easily be independently reviewed, either by you or the open source community at large, is something I value.

[-] nous@programming.dev 1 points 1 year ago

Good security is a component to privacy. But you can have good security with no privacy - that is the whole idea of a surveillance state (which IMO is a horrifying concept). Both are worth having, but my previous responses were only about the security aspect of OSS. There are many other good arguments to have about the benefits of OSS, but increased security is not a valid one.

this post was submitted on 07 Jul 2023
1680 points (92.9% liked)

Memes

45656 readers
934 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS