Like a privacy based fully open source browser. Wouldnt it be more hackable because every one know the script and is a glopal privacy based gpay alternative possible ? What about targeted hacking is someone using closed source application more better off than someone with ooen source ?

  • Th4tGuyII@kbin.social
    link
    fedilink
    arrow-up
    106
    ·
    edit-2
    1 year ago

    As long as there us incentive to do so, malicious actors will exploit the source code whether it is open or closed…

    Making something open source does make it easier for malicious actors, but it also allows honest actors to find and fix exploits before they can be used - something they won’t/can’t do for closed source, meaning you have to rely on in-house devs to review/find/fix everything.

    • BananaTrifleViolin@lemmy.world
      link
      fedilink
      English
      arrow-up
      44
      ·
      edit-2
      1 year ago

      Absolutely, this is a good explanation.

      And to add, so many pieces of software share code through shared libraries or systems. Open source means if there is a flaw in one library that is found and fixed, all the software that uses it downstream can benefit.

      Closed source, good actors might not even know their software is using flawed older libraries as it’s hidden from view.

      Plus open source allows audit of code to ensure the software is what it says it is. There are plenty of examples of commercial closed software that does things deliberately that do not benefit it’s user, but do benefit the company that makes the software.

      • Diplomjodler@lemmy.world
        link
        fedilink
        arrow-up
        19
        ·
        1 year ago

        The track record of open source projects for fixing known vulnerabilities is pretty good. Closed source suppliers, on the other hand, have frequently been caught trying to sweep things under the rug.

    • owenfromcanada@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      The saying in software engineering is “there’s no security in obscurity.” Hiding your implementation isn’t for security, it’s for other business purposes.