this post was submitted on 02 Jun 2024
406 points (89.6% liked)

[–] [email protected] 40 points 5 months ago (34 children)

And this right here is why you use open source apps.

[–] [email protected] 32 points 5 months ago (27 children)

This only would work if you check every line of source code, even the dependencies and build chain, and then build it yourself. See xz utils backdoor or heartbleed, etc.

[–] [email protected] 9 points 5 months ago (1 children)

The thing is we only know about these vulnerabilities in such great detail because the projects are open source. God knows what kind of vulnerabilities are hidden in closed source software.

[–] [email protected] 5 points 5 months ago (1 children)

Yes, but we don't know what we don't know. There are many problems like that in open source too, and even if we can look nobody does.

Therefore I find it problematic to say that just because you use open source programs you're safe like the parent tried to.

[–] [email protected] 7 points 5 months ago (1 children)

Yes, important to keep in mind that software being open source doesn't automagically make it secure™.

Still, I think it's important to stress that the benefits of open source outweigh the risks when it comes to security (imho).

[–] [email protected] 3 points 5 months ago

I agree with that.

I don't agree with how it has been presented by the grandparent here as if open source somehow automatically makes it secure.
