So with open source software more on my mind lately I was wondering - while I get the benefits of transparency and such, how safe is it? If the source code is available to all, isn’t it easier to breach for people (like the recent cookies hack)? If I’d have an open source password manager, would it be easier for people to get my passwords somehow than if I use something not open source? Do I just not understand how software works in general?

And what are other benefits that may be not so obvious to someone not so knowledgable about this?

Edit: thank you all for really insightful answers! Among other things I also learned just how much I don’t know :)

  • @[email protected]
    link
    fedilink
    English
    3
    edit-2
    1 year ago

    Most interactions in life are based on trust, so I don’t think you can be totally safe. However, you can choose who you trust enough so you don’t have to constantly worry. You might find this speech titled Reflections on Trusting Trust by Ken Thompson relevant.

    Also see Linus’ Law, which postulates that more people looking at code means bugs get noticed and fixed quicker, and large open source projects usually have a lot of people working on it.