Eli5: Why can’t open source software easily be hacked?

963 views

Typically a source code leak is a safety danger. But with open source applications it is available from the start. How do you prevent people from intruding when all safety measurements can be plainly seen?

In: 6

21 Answers

Anonymous 0 Comments

By not relying on security through obscurity. It is not necessary to, and is a bad practice anyways. This latter is commonly referred to as called [Kerckhoff’s principle.](https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle)

Please note that open source, libre/free, and source-available software are still commonly exploited. It is a widespread misconception that since the code can be independently reviewed, it is being reviewed. Even for those projects that it is, reviews don’t necessarily translate to caught vulnerabilities, severe or low-hanging.

Source code leaks are typically an intellectual property (IP) theft concern, not a security one.

You are viewing 1 out of 21 answers, click here to view all answers.