How are open source programs safe? Doesn’t open source make it easy for hackers to find vulnerabilities or contribute malicious code?

Perhaps I need a better understanding of what open source means, but how can a program that is openly publishing its code not be super vulnerable to cyber security threats? That’s like a bank publishing exactly how all its security works, right? Obviously I’m missing something here, so ELI5!

44 Answers

Anonymous

It makes it easier for *everyone* to research how the program works. That means they can verify that the developer is being honest about what the program does, and they can also find vulnerabilities and help get them fixed. Imagine having a thousand people poking around at your product trying to make it better instead of just a small team of twenty who might be tired, overworked, and prone to overlook things. It is a popular scheme; it builds a sense of community, and companies will even pay for reports of vulnerabilities (Google is known to pay out thousands and thousands of dollars in bounty money for people to find these things).
