Not discrediting Open Source Software, but nothing is 100% safe.

  • guy@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Though one of the major issues is that people get comfortable with that idea and assume for every open source project there is some other good Samaritan auditing it

    • 𝕽𝖔𝖔𝖙𝖎𝖊𝖘𝖙@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      I would argue that even in that scenario it’s still better to have the source available than have it closed.

      If nobody has bothered to audit it then the number of people affected by any flaws will likely be minimal anyway. And you can be proactive and audit it yourself or hire someone to before using it in anything critical.

      If nobody can audit it that’s a whole different situation though. You pretty much have to assume it is compromised in that case because you have no way of knowing.

      • guy@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Oh definitely, I fully agree. It’s just a lot of people need to stop approaching open source with an immediate inherent level of trust that they wouldn’t normally give to closed source. It’s only really safer once you know it’s been audited.