How are open source programs safe? Doesn’t open source make it easy for hackers to find vulnerabilities or contribute malicious code?


Perhaps I need a better understanding of what open source means, but how can a program that is openly publishing its code not be super vulnerable to cyber security threats? That’s like a bank publishing exactly how all its security works, right? Obviously I’m missing something here, so ELI5!


44 Answers

Anonymous

Yes it does, and that is the idea. I mean, not for hackers but for everyone. Everyone can see problems and can help fix them… Of course that’s theoretical and only really matters if your project interests a large enough group; otherwise no one will really pay attention enough.

But the main thing, and I think the reason why it confuses you, is a typical mistake people have made a million times in the past, but modern security professionals warn against it. You equate security with obscurity. And that’s the way it was done for a long time. But it’s a false friend. Obscurity does not increase security; it just makes it harder to detect a breach. Transparency and secure design are what make software truly secure. And you can achieve both with open source. And in a large and highly interesting project you will have thousands of people looking at your code. Thousands that would otherwise be a dozen. And even though anyone can commit anything, only a few selected people, who are hopefully trusted, are allowed to actually merge these changes into the master.

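The "obscurity is not security" point in the answer above, as an added example that is not part of the original thread. It contrasts two message-authentication schemes under the same assumption the answer makes: the attacker can read the source. `obscure_tag` is a hypothetical home-made scheme whose only secret is a salt hard-coded in the program; `keyed_tag` is the published HMAC-SHA256 construction from Python's standard library with a key held outside the code. The salt, the keys, the attacker's guess list and the messages are all constructed for this demo.

```python
"""Kerckhoffs's principle in code: publishing the algorithm must not break it.

Added example, not code from the original thread. The secret salt, keys and
messages below are constructed for the demonstration.
"""
import hashlib
import hmac

# --- Scheme 1: "security by obscurity" -------------------------------------
# The author hopes nobody learns this salt. It lives in the source, so as soon
# as the source is readable (published, leaked or decompiled) the scheme is gone.
_HIDDEN_SALT = b"mystery-salt-2019"  # constructed secret


def obscure_tag(message: bytes) -> bytes:
    """Tag = SHA-256(salt || message), truncated to 16 bytes. Secret is in the code."""
    return hashlib.sha256(_HIDDEN_SALT + message).digest()[:16]


def obscure_verify(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)


# --- Scheme 2: published algorithm, secret key -----------------------------
def keyed_tag(key: bytes, message: bytes) -> bytes:
    """Tag = HMAC-SHA256(key, message). Algorithm public, key held outside the code."""
    return hmac.new(key, message, hashlib.sha256).digest()


def keyed_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)


# --- Attacker who has read the source --------------------------------------
def attacker_forges_obscure(target: bytes) -> bool:
    """Reading the source hands the attacker the salt; forging is one hash call."""
    forged = hashlib.sha256(b"mystery-salt-2019" + target).digest()[:16]
    return obscure_verify(target, forged)


# Constructed guess list: the attacker knows HMAC-SHA256 is used, and tries the
# hard-coded salt, empty and low-entropy keys. Knowing the algorithm does not
# help; only the key does.
_ATTACKER_GUESSES = [b"", b"mystery-salt-2019", b"password", b"secret",
                     b"\x00" * 32, b"k" * 32]


def attacker_forges_keyed(target: bytes, real_key: bytes) -> bool:
    """Same attacker against HMAC: knows the algorithm, guesses keys, fails."""
    return any(keyed_verify(real_key, target, keyed_tag(g, target))
               for g in _ATTACKER_GUESSES)


def demo() -> dict:
    """Run both attacks on a constructed message; returns what each achieved."""
    message = b"transfer 100 to mallory"
    # A strong key chosen outside the code (constructed here for the demo).
    real_key = bytes.fromhex(
        "8f3a2c9e1d4b6a7f0c5e2d9b4a1f8e7c6d3b2a9f0e1d4c7b8a5f6e3d2c1b0a9f")
    legit = keyed_tag(real_key, message)
    return {
        "obscure_scheme_forged": attacker_forges_obscure(message),
        "keyed_scheme_forged": attacker_forges_keyed(message, real_key),
        "keyed_scheme_legit_verifies": keyed_verify(real_key, message, legit),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The practical reading: open source does not remove secrets from a system, it forces them into places designed to hold secrets (keys, credentials, configuration) instead of into the code. A project that only stayed safe because nobody had read it was never safe; a project whose secrets are keys stays safe after everyone has.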