There are some people won’t touch anything to do with open source projects as they feel it might have issues with security. What does open source actually do for security or change how it works?

  • @cogitoprinciple
    link
    51 year ago

    Only potential security issues, would be related to a lack of maintenance on a particular project. If an open source tool has not been updated for over a year or more, then it may have security vulnerabilities. I usually won’t use something if it has not been updated for a year or more.

    However, people who make that claim, seem to subscribe to security by obscurity. They may think that the source code being public makes it more likely to be exploited for vulnerabilities. But I would say that is a strength, since many people can verify the security of a project and can have patches applied. In standard proprietary software, a security vulnerability could exist for years, without being patched because no one knows it’s there. It may or may not be exploited within this time.

    It is our responsibility to choose the digital tools we use wisely, and to be mindful of a lack or drop of maintenance on a particularly project.