How are open source programs safe? Doesn’t open source make it easy for hackers to find vulnerabilities or contribute malicious code?

Perhaps I need a better understanding of what open source means, but how can a program that is openly publishing its code not be super vulnerable to cyber security threats? That’s like a bank publishing exactly how all its security works, right? Obviously I’m missing something here, so ELI5!

44 Answers

Anonymous

With many aspects of commerce, security, testing or even logic… a crowd is always better. A larger sample size is better since edge cases even themselves out into the average.

You are absolutely right that disclosing the inner workings of software can create security issues, but in turn it creates more security benefits compared to a proprietary system with fewer people to access and test it.

If I reveal that I have a specific type of lock, I’m only at risk if that lock is bad to begin with… and people showing me that lock is bad leads to the change of the lock. Also I don’t reveal the key itself, just the lock type.

Also, open source usually pushes release candidates before features are pushed to production.

Basically, I show the lock I want to install on my house: “What do you guys think?” Could you test this lock, or could other people use that lock, before I even install it on my door?

Open source systems are not perfect, but they have fewer zero-day vulnerabilities than closed loop and hidden software, which you can only test by using it after it is released.
