• Prethoryn Overmind@lemmy.world
    1 year ago

    “bad actors will get a hold of your code anyway.”

    This is the equivalent argument of, “we should just make guns free and available to everyone because if a criminal wants a gun they will just buy one.”

    There is some truth in your argument that is undeniable, and anyone who attempts to deny that is a fool. That isn’t my point, however. The point is that closing something doesn’t also mean it is less secure because prying eyes have seen it. Closed-sourcing content can also mean fewer prying eyes; while it is true more people see open source, it means your code is also more vulnerable to an attack.

    Android and iOS are proof that closed source and open source content both have their benefits and cons. I am an Android guy all the way, but it is true that there tends to be less malware on iOS than Android. At least that is how it seems.

    It is true that bad actors are going to act badly, but what is even more true is there are proper ways both open and closed source platforms can exist securely. While I love Android and Apple may not be the best analogy because they have tons of devs and lots of money and we are comparing them to 1 dev and small amounts of money.

    Just because something is closed source doesn’t mean it’s a problem or less secure; if anything, closed source and discovering a problem can make it more secure because that product actively gets better or more secure when the problem does become apparent. The issue is how the problem appears.

    Open source appears more secure because more eyes can see it, and that means a vulnerability can be spotted before it occurs, but that also means more prying eyes could also take advantage of that vulnerability before it is caught, and that does and has happened.

    The theme I see on Lemmy is that anything not open source is something to be afraid of, but that is not always the case.

    Because I like to educate and not argue, here is an article worth reading. The issue is that open source can begin to get too hard to follow if not everyone knows what they are looking at.

    Open Source Security

    • turbo_snail@lemmy.world
      1 year ago

      Thank you for your answer. I will read the article you linked.

      I initially was just very irritated by your comment because it sounded like closed source is more secure in general.

      Have a nice evening too.