ELI5: Why can’t open source software easily be hacked?

Typically a source code leak is a safety danger. But with open source applications it is available from the start. How do you prevent people from intruding when all safety measurements can be plainly seen?

21 Answers

Anonymous 0 Comments

There are basically two opposing approaches to security:

1. Closed source relies on making it harder for an attacker to know about any potential security issues by, well, keeping the inner workings of the code secret.
2. Open Source relies on as many people as possible to have a look at the code and analyse it, and thus closing security issues before they can be misused.

Both approaches have their advantages and disadvantages. For closed source, it is really just a matter of time until an interested party analyses the software anyways, and then your “security by obscurity” falls apart … on the other side, there are also many “open source” projects where there is effectively only one person ever looking at the source code.

However, in most situations, the open source approach has proven to be the safer/more reliable. Especially for software that is widely used and has a large developer community.
