Not discrediting Open Source Software, but nothing is 100% safe.

  • SeaJ
    link
    fedilink
    English
    551 year ago

    You can get a good look at a T-bone by sticking your head up a cow’s ass but I’d rather take the butcher’s word for it.

    There are people that do audit open source shit quite often. That is openly documented. I’ll take their fully documented word for it. Proprietary shit does not have that benefit.

    • @[email protected]
      link
      fedilink
      English
      161 year ago

      And even when problems are found, like the heartbleed bug in OpenSSL, they’re way more likely to just be fixed and update rather than, oh I dunno, ignored and compromise everybody’s security because fixing it would cost more and nobody knows about it anyway. Bodo Moller and Adam Langley fixed the heartbleed bug for free.

      • @MaxVerstappen
        link
        English
        11 year ago

        Wasn’t heartbleed in the wild for 2 years though?

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          Yeah, but that just happens sometimes. With proprietary software you don’t even have the benefit of being able to audit it to see if the programmers missed something critical, you kinda just have to trust that they’re smarter than a would-be hacker.

          • @MaxVerstappen
            link
            English
            11 year ago

            I get that, I just caution that FOSS doesn’t automatically mean secure.

            • CyclohexaneM
              link
              fedilink
              English
              21 year ago

              Nothing is 100% secure. FOSS is definitely more secure, all else equal.