Perhaps I need a better understanding of what open source means, but how can a program that is openly publishing its code not be super vulnerable to cyber security threats? That’s like a bank publishing exactly how all its security works, right? Obviously I’m missing something here, so ELI5!
It makes it easier for people to find vulnerabilities, but you can’t really add malicious code to open source projects.
It’s incredibly easy to spot, and before code is added to the base, it’s usually checked by multiple people. Sometimes it’s also checked by a program that specifically tells you what vulnerabilities your code has and how to fix them.
In short, it’s possible, but in reality, it almost never happens.