Eli5: Why can’t open source software easily be hacked?

944 views

Typically a source code leak is a safety danger. But with open source applications it is available from the start. How do you prevent people from intruding when all safety measurements can be plainly seen?

In: 6

21 Answers

Anonymous 0 Comments

All the other answers are great, I will add a little bit of a historical context of why open source actually safe.

Back in the early days of household computers and internets every company built their own secure implementation of ciphers. But as you may know, when you write something, you can do mistakes in it but you personally will not see them(as you are the author) or you will not see them because you do not properly understand the reason behind the solution. And as such many in-house solutions of ciphers were done incorrectly – be it laziness, time crunch or not enough information. In the end, ciphers are math and programming is IT (while it is related, it is not the same field :)). Therefore a code-leak of such bad implementations would be dangerous.

After few problems people started to realize, that instead of in-house closed solutions it is better to build the security via known and reviewed mechanisms. These are safe because more people can check them. So, this is why nowadays you know how the cipher mechanisms work and you can use pre-implemented modules, because the security is NOT in the fact, that nobody knows how it works(and as such the code leak would be dangerous), but in the fact, that it is safe because math(science) says so.

Open source is just going into this fully, most companies do not do that as they have some fancy solutions they do not want to share as it may give them the competitive advantage. e.g. Youtube can have a great implementation of video storage but they do not want others to use it as well. So a code-leak would share that but it wouldnt be a security risk. (hopefully, I dont work at youtube so I dunno)

You are viewing 1 out of 21 answers, click here to view all answers.