I’m all for open source software so it can be understood, developed, and used by more people than if it was proprietary. However, I don’t get how it can be secure if malicious actors have access to the source code and the entire software package to practice their attacks against?
In: Engineering
Secure software is by definition software that isn’t vulnerable even if you know exactly how it works. If you rely on attackers not knowing your source code, you just expose yourself to getting dabbed on by an expert reverse engineer who *likes* digging through decompiled C garbage.
Latest Answers