| author | Paul Buetow <paul@buetow.org> | 2021-08-01 12:12:22 +0300 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2021-08-01 12:12:22 +0300 |
| commit | 1bd6307c8bdd72f880b31ce13f571d006d34bddc (patch) | |
| tree | d4d38efa33ccb254f7404cebdf921e9b1eeb3e20 /gemfeed/2021-08-01-on-being-pedantic-about-open-source.md | |
| parent | 60a47bfb6541ee8c7744ae2e7309b408283465a4 (diff) | |
Publishing new version
Diffstat (limited to 'gemfeed/2021-08-01-on-being-pedantic-about-open-source.md')
| -rw-r--r-- | gemfeed/2021-08-01-on-being-pedantic-about-open-source.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/gemfeed/2021-08-01-on-being-pedantic-about-open-source.md b/gemfeed/2021-08-01-on-being-pedantic-about-open-source.md index 8b4d185b..bb7387c5 100644 --- a/gemfeed/2021-08-01-on-being-pedantic-about-open-source.md +++ b/gemfeed/2021-08-01-on-being-pedantic-about-open-source.md 
@@ -52,7 +52,7 @@ Clunkiness can be charmful, though. And it can also encourage you to contribute One of the main conceptions about open-source software is that it is more secure than closed-source software because everybody can read and fix the code. Is that actually true? You can only be sure when you audit the code by yourself. If you are like me, you won't have time to audit all the open-source software you use. It's impossible to audit more than 100 million lines of Linux kernel code. Static code analysis tools come in handy here, but they still require humans to look at the results. -Security bugs in open-source projects are exposed to the public and fixed quickly, while we don't know exactly what happens to security bugs in closed-source ones. Still, hackers and security specialists can find them through reverse engineering and penetration testing. Overall, thinking of security, In my opinion it is still better to prefer open-source software because the more significant the project, the higher the probability that security bugs are found and fixed as more parties are looking into it. Furthermore, provided you have the necessary resources, you could still deduct an audit by yourself. The latter especially happens when companies with its own security and penetration testing departments are evaluating the use of open-source. This is something not every company can effort though. +Security bugs in open-source projects are exposed to the public and fixed quickly, while we don't know exactly what happens to security bugs in closed-source ones. Still, hackers and security specialists can find them through reverse engineering and penetration testing. Overall, thinking of security, In my opinion it is still better to prefer open-source software because the more significant the project, the higher the probability that security bugs are found and fixed as more parties are looking into it. 
Furthermore, provided you have the necessary resources, you could still deduct an audit by yourself. The latter especially happens when companies with its own security and penetration testing departments are evaluating the use of open-source. This is something not every company can afford though. ## Always watch out for open-source alternatives |
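Review bot: The added line fixes "effort" to "afford" but keeps three other slips in the same paragraph, so the paragraph will need another touch-up commit. "you could still deduct an audit by yourself" should read "conduct an audit", "companies with its own security and penetration testing departments" should read "their own", and "Overall, thinking of security, In my opinion" has a capital "In" in mid-sentence. Suggest correcting all of them in this one change. The commit message "Publishing new version" also does not say that this is a wording fix to the security paragraph; a subject line naming the file and the correction would make the history easier to search.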
