• zwekihoyy@lemmy.ml
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    there is little difference between “open source but you need formal education to be able to dig through and understand the documentation and code” and closed source. open source is still better for ethical reasons but for 9/10 users, it’s not reasonable to check the source code and they are losing any potential “security” benefits that was provided.

    • CausticFlames@sopuli.xyz
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      You are correct for open source projects with only a few maintainers… But with a project as big as linux, there are SO many people with that “formal education” (which doesnt really even need to be formal) that the amount of eyes on the codebase DOES benefit the normies who dont look at it.

      • zwekihoyy@lemmy.ml
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        1 year ago

        I 100% agree, I just think it’s dangerous rhetoric to push because you end up with normies that have been told “open source is more secure” and end up running any script they find on GitHub without having a clue how to audit what it’s actually doing. (this was me 5/6 years ago until I figured out what I was doing).

        this is the same reason I find people claiming that Linux is more secure than windows dangerous. I can exfiltrate data from the average Linux install much easier than windows. you can harden Linux to a much greater degree but if you don’t know how or that you even need to, you are in a much worse position.

        • CausticFlames@sopuli.xyz
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          I disagree that you are inherently in a worse position simply because you dont know enough to take a peek at the code or harden things. I think that again, simply being such a massive project linux gives a trickle down effect to normal users. Even as a normie, you are safer on linux than on windows, full stop. As for github scripts, thats an entirely different subject because yes, open source CAN be dangerous still (just like proprietary can).