Not discrediting Open Source Software, but nothing is 100% safe.

  • @[email protected]
    link
    fedilink
    English
    121 year ago

    Though one of the major issues is that people get comfortable with that idea and assume for every open source project there is some other good Samaritan auditing it

    • 𝕽𝖔𝖔𝖙𝖎𝖊𝖘𝖙
      link
      fedilink
      English
      111 year ago

      I would argue that even in that scenario it’s still better to have the source available than have it closed.

      If nobody has bothered to audit it then the number of people affected by any flaws will likely be minimal anyway. And you can be proactive and audit it yourself or hire someone to before using it in anything critical.

      If nobody can audit it that’s a whole different situation though. You pretty much have to assume it is compromised in that case because you have no way of knowing.

      • @[email protected]
        link
        fedilink
        English
        41 year ago

        Oh definitely, I fully agree. It’s just a lot of people need to stop approaching open source with an immediate inherent level of trust that they wouldn’t normally give to closed source. It’s only really safer once you know it’s been audited.