undefined | Better HN

0 pointsacqq12y ago0 comments

The mentioned bug was not discovered by reading sources. The sources were available for one and half years and were used for the most popular Linux distributions. What can we expect for less popular ones then?

I'm not saying that it's better to have closed source, even if we can discuss that too when we consider how often the changes are introduced (for security: the less often the better provided the start is good enough) I'm saying that just believing something is secure simply because "it's open source" is pure hand waving.

0 comments

dllthomas12y ago

Availability of the source is not a substitute for audit and care, but is helpful and you're not guaranteed audit or care with closed solutions.

j / k navigate · click thread line to collapse

0 pointsacqq12y ago0 comments

0 comments

dllthomas12y ago

Availability of the source is not a substitute for audit and care, but is helpful and you're not guaranteed audit or care with closed solutions.

j / k navigate · click thread line to collapse