Eli5: Why can’t open source software easily be hacked?


Typically a source code leak is a safety danger. But with open source applications it is available from the start. How do you prevent people from intruding when all safety measurements can be plainly seen?


Anonymous

By not relying on security through obscurity. It is not necessary to, and is a bad practice anyways. This latter is commonly referred to as [Kerckhoffs’s principle.](https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle)

Please note that open source, libre/free, and source-available software are still commonly exploited. It is a widespread misconception that since the code can be independently reviewed, it is being reviewed. Even for those projects that it is, reviews don’t necessarily translate to caught vulnerabilities, severe or low-hanging.

Source code leaks are typically an intellectual property (IP) theft concern, not a security one.
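The contrast the answer describes, as an added example that is not part of the original answer: a token scheme whose only secret is the code itself, next to one that uses a public algorithm (HMAC-SHA256) with a key kept outside the source. All function names, the in-source constant and the sample user are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Obscurity-based design: the "secret" is the algorithm and a constant
# baked into the code. Publishing the source publishes the secret.
def obscure_token(user: str) -> str:
    return hashlib.sha256(("const-in-source:" + user).encode()).hexdigest()

def obscure_verify(user: str, token: str) -> bool:
    return hmac.compare_digest(obscure_token(user), token)

# Kerckhoffs-style design: the algorithm is public and reviewable;
# the only secret is a key that never appears in the source tree.
def keyed_token(key: bytes, user: str) -> str:
    return hmac.new(key, user.encode(), hashlib.sha256).hexdigest()

def keyed_verify(key: bytes, user: str, token: str) -> bool:
    return hmac.compare_digest(keyed_token(key, user), token)

def compare_designs() -> dict:
    """Model a party who has the full source but not the deployment key."""
    # Constructed values: server_key stands in for a key loaded from a
    # secret store; other_key is any key that party could pick themselves.
    server_key = secrets.token_bytes(32)
    other_key = secrets.token_bytes(32)
    user = "alice"
    return {
        # Source alone is enough to produce a token the server accepts.
        "obscure_accepts_source_only_token":
            obscure_verify(user, obscure_token(user)),
        # Source without the key is not enough: verification fails.
        "keyed_accepts_source_only_token":
            keyed_verify(server_key, user, keyed_token(other_key, user)),
        # The legitimate issuer, holding the key, still verifies.
        "keyed_accepts_issuer_token":
            keyed_verify(server_key, user, keyed_token(server_key, user)),
    }

if __name__ == "__main__":
    for name, accepted in compare_designs().items():
        print(f"{name}: {accepted}")
```

Reading the second design's source reveals nothing that helps produce a valid token, which is why publishing it costs no security; a bug in how the key is stored or compared would still be a vulnerability, open source or not.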
