Not discrediting Open Source Software, but nothing is 100% safe.

  • Dr. JenkemA (5 upvotes, 1 year ago)

    And just because a company has the money to spend on audits doesn’t mean they did, and even when they did, doesn’t mean they acted on the results. Moreover, just because code was audited doesn’t mean all of the security issues were identified.

    • nous@programming.dev (1 upvote, 1 year ago)

      Yup, all reasons why it does not matter if the software is open or closed as to how secure it might be. Both open and closed source code can be developed in a more or less secure fashion. Just because something could be done does not mean it has been done.

      • Dr. JenkemA (1 upvote, 1 year ago)

        Nah I wouldn’t say that. Especially if you consider privacy a component to security. The fact that a piece of software can more easily be independently reviewed, either by you or the open source community at large, is something I value.

        • nous@programming.dev (1 upvote, 1 year ago)

          Good security is a component to privacy. But you can have good security with no privacy - that is the whole idea of a surveillance state (which IMO is a horrifying concept). Both are worth having, but my previous responses were only about the security aspect of OSS. There are many other good arguments to have about the benefits of OSS, but increased security is not a valid one.