undefined | Better HN

0 pointsthe_mar1mo ago0 comments

well, name an example of a thing that can never change then.

"research alternatives" meaning what exactly? You think open source is somehow not susceptible to the same issue, plus all of the malicious updates?

0 comments

lrvick1mo ago

Security focused FOSS does signed commits, signed reviews, full source bootstrapping, and reproducible builds.

Proprietary software solutions are unable come close to that level of accountability.

Not all published source code is secure but all secure software has published source code.

j / k navigate · click thread line to collapse

lrvick1mo ago

Security focused FOSS does signed commits, signed reviews, full source bootstrapping, and reproducible builds.

Proprietary software solutions are unable come close to that level of accountability.

Not all published source code is secure but all secure software has published source code.

j / k navigate · click thread line to collapse