undefined | Better HN

0 pointsdarkwater1y ago0 comments

Well, the "security though obscurity" principle has been used for many years now to cover alleged extra protections granted by the mere fact of keeping a software source code closed and secret. As in: you will not find that RCE in the software if you don't have access to the source code. And this statement from Dell and the FreeBSD foundation (yeah, it's not just Dell) clearly follows that line of thought.

0 comments

torstenvl1y ago

That is simply a mistaken understanding. Keeping source code closed is obviously a legitimate form of security if the source code itself contains proprietary trade secrets (such as hardware details).

No reasonable person could disagree; the proposition is so self-evident it's virtually tautological.

darkwaterOP1y ago

Well, language and meanings evolve over time and you cannot control how they do it. Also, how protecting trade secrets via closed source "creates a robust platform less susceptible to attacks than a CopyLeft-based system with GPL components."?

torstenvl1y ago

Does keeping the source code for the Death Star exhaust port controller firmware secret help create a robust planet destroyer less susceptible to attacks?

j / k navigate · click thread line to collapse

0 pointsdarkwater1y ago0 comments

0 comments

torstenvl1y ago

That is simply a mistaken understanding. Keeping source code closed is obviously a legitimate form of security if the source code itself contains proprietary trade secrets (such as hardware details).

No reasonable person could disagree; the proposition is so self-evident it's virtually tautological.

darkwaterOP1y ago

torstenvl1y ago

Does keeping the source code for the Death Star exhaust port controller firmware secret help create a robust planet destroyer less susceptible to attacks?

j / k navigate · click thread line to collapse