ELI5: Why can’t open source software easily be hacked?

Typically a source code leak is a safety danger. But with open source applications it is available from the start. How do you prevent people from intruding when all safety measurements can be plainly seen?

21 Answers

Anonymous

Open Source software can absolutely be exploited. The idea that open source software is inherently more secure is simply not true. It’s based on the premise that if everyone can view the source code, someone will come along and fix all of the bugs. Who do you think has more motivation, bored hobbyists sleuthing through someone else’s program code to find obscure vulnerabilities and fix them out of the goodness of their heart, or blackhats sleuthing through someone else’s program code to find obscure vulnerabilities and exploit them for monetary gain?

Virtually all current web browsers are either open source or based on open source underpinnings. However, browser vulnerabilities pop up all of the time. In fact, exploits found by looking at the source code for Apple’s WebKit rendering engine were used to exploit the system software on Sony’s PlayStation 4 and 5 game consoles.

Really good open source software projects have paid developers with responsibility over specific parts of the code base. Having all eyes on a project is not good enough because those eyes don’t know what they’re looking for. Rather, it’s much more important to have the right eyes on the project.
