this post was submitted on 14 Jul 2023
1291 points (99.8% liked)

Technology

60109 readers
2325 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

We've all been there.

you are viewing a single comment's thread
view the rest of the comments
[–] Tyler_Zoro@ttrpg.network 2 points 1 year ago

I know it can be hard to have your ideas quedtioned, but at least try to be civil. I never questioned your intentions, yet youre acting like im crazy.

I think that's all you. I have never suggested that you are crazy. I suggested that calling Microsoft software "safe" as opposed to Linux which is, "insecure," sounds like trolling. But that's because it sounds like trolling. No crazy stated or implied.

A walled garden is obviously more secure than an open source project because nobody can even see the code to find vulnerabilities in it.

You should learn more about the world of software. Seriously. Security experts have been reasonably unanimous in their support of the "Many Eyes Make All Bugs Shallow" approach to software security for decades, even while they have criticized it as a mantra that ignores the flaws in a presumption of open source software security.

But just to put it in a simple logically sealed box: Microsoft's source code has been leaked several times, and of course, bad actors probably have gained access to it throughout the years without such public knowledge. This means that the fundamental difference between Microsoft's proprietary codebase and open source codebases is not, cannot be the availability of source code. Rather, it is the ability for independent groups to review the code on an ongoing basis.

When the only difference is independent review, the only possible result is higher security.

I understand that you like horses. You ride one every day, and you might have evwn named your horse. The fact is that its time to buy a car.

None of this constitutes a logical refutation to the examples I provided, which are critical components of modern software development and deployment.

Source: I'm a professional software release engineer who has worked with many of the world's largest corporations.

Quality software costs money

For starters, this is unfounded cargo culting. There is no evidence for this at all. I can point to dozens of very expensive piles of crufty old software that no one should ever go near, and also to some free software that is literally foundational to the modern software world.

Money has nothing to do with the quality of software, but you're also mistaken if you think open source software is free. You can pay IBM millions of dollars for a suite of enterprise-ready open source software. Most of the cost in such software is rarely the software itself. It's services, support, training and customization.

Throwing rocks is also simpler than firing a gun, yet modern militaries arent training slingers anymore

But they are succeeding wildly by using largely open source software running on open hardware for drones, networking, battlefield analysis, logistics, etc.