this post was submitted on 07 Jul 2023
It's Open Source! (lemmy.dbzer0.com)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

Not discrediting Open Source Software, but nothing is 100% safe.

[–] [email protected] 0 points 1 year ago (1 children)

I think the more interesting question has long been: what's (or who is) your threat? Against a sufficiently motivated and resourced adversary, there are few real obstacles. Conversely, some people are just not interesting because there's little or nothing to gain from attacking them.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

Exactly. I just wanted to point out that most of the people here honestly have no idea what they're talking about.

If people had read the articles about that 'study' on whether malicious pull requests got accepted... and the aftermath... If they had read the articles on how the NSA(?) helped(?!) with the mathematical constants of elliptic curve encryption... How Cisco networking equipment got intercepted... If you knew how the internet and freedom worked... You'd know it's not that easy. Every 'simple' answer is just plain wrong. It depends... What is the threat model, what are you able and willing to invest, what are you trying to achieve? Sometimes you don't even know who's friend or foe.

Idk why people want to piss on open source software. It's a fact that one can have a look at open source software and not at closed source. And don't tell me nobody does, because I know I do. And millions of GitHub users contribute code and read some code here and there. And I know a few tech blogs who like to check apps and see if they respect privacy and so on. ... And that's not everything as we pointed out earlier. Whether this helps you depends on your own goals and threat model.

[–] [email protected] 1 points 1 year ago

I really enjoy the discussion here. Refreshing! Most of the time I as a relative non-expert have no idea what I'm doing, but I do read things as much as I can. Otherwise I'm a fallen sysadmin who got a job managing cyber because bills need to be paid.

Open, closed, it's all object code in the end which can be examined in disassembly, or the behaviours observed during runtime. Open makes some processes easier in this area. I think the real strengths in this have been beyond security, to enhance cooperation and reuse so we don't waste time constantly reinventing.