It's Open Source!
It's Open Source!
Not discrediting Open Source Software, but nothing is 100% safe.
You're viewing a single thread.
224 comments
-
- Yes, I do it occasionally
- You don't need to. If it's open source, it's open to billions of people. It only takes one finding a problem and reporting it to the world
- There are many more benefits to open source: a. It future proofs the program (many old software can't run on current setups without modifications). Open source makes sure you can compile a program with more recent tooling and dependencies rather than rely on existing binaries with ancient tooling or dependencies b. Remove reliance on developer for packaging. This means a developer may only produce binaries for Linux, but I can take it and compile it for MacOS or Windows or a completely different architecture like ARM c. It means I can contribute features to the program if it wasn't the developer's priority. I can even fork it if the developer didn't want to merge it into their branch.
-
Regarding point 2. I get what you’re saying but I instantly thought of Heartbleed. Arguably one of the most used examples of open source in the world, but primarily maintained by one single guy and it took 2 years for someone to notice the flaw.
-
Uhh... so? The NSA was sitting on the vulnerability for EternalBlue in Windows for over 5 years.
-
Dont understand what that has to do with the discussion so far. How is this relevant here?
-
No more or less relevant than heartbleed. Yes vulns exist in open source software, sometimes for a while. Being open source can lead to those vulns getting discovered and fixed quicker than with closed source.
-
-
-
224 comments