this post was submitted on 02 Nov 2023
19 points (88.0% liked)

Open Source

30221 readers
190 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml
19
How does Opensource change how Security work? (kbin.run)
submitted 10 months ago by SamXavia@kbin.run to c/opensource@lemmy.ml
23 comments fedilink hide all child comments
 

There are some people won't touch anything to do with open source projects as they feel it might have issues with security. What does open source actually do for security or change how it works?

you are viewing a single comment's thread
view the rest of the comments
[–] cogitoprinciple@lemmy.world 4 points 10 months ago

Only potential security issues, would be related to a lack of maintenance on a particular project. If an open source tool has not been updated for over a year or more, then it may have security vulnerabilities. I usually won't use something if it has not been updated for a year or more.

However, people who make that claim, seem to subscribe to security by obscurity. They may think that the source code being public makes it more likely to be exploited for vulnerabilities. But I would say that is a strength, since many people can verify the security of a project and can have patches applied. In standard proprietary software, a security vulnerability could exist for years, without being patched because no one knows it's there. It may or may not be exploited within this time.

It is our responsibility to choose the digital tools we use wisely, and to be mindful of a lack or drop of maintenance on a particularly project.