Not discrediting Open Source Software, but nothing is 100% safe.

  • davewritescode@lemm.ee
    1 year ago

    Heartbleed is the only counterexample anyone needs to know that open source isn’t perfect. Intelligence agencies were likely sucking up encrypted traffic because nobody was paying attention to the most commonly used TLS library in the world.

    • Dr. JenkemA
      1 year ago

      Sure, open source isn’t perfect. No software of any reasonable size is. Anyone claiming otherwise is an idiot and should be ignored. And yeah sure, the Heartbleed vuln existed for 2 years before discovery. But don’t forget the NSA held onto the EternalBlue vuln for over 5 years before the Shadow Brokers leaked their tools.