this post was submitted on 02 Nov 2023
18 points (87.5% liked)

Open Source

31173 readers
168 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml
18
How does Opensource change how Security work? (kbin.run)
submitted 1 year ago by SamXavia@kbin.run to c/opensource@lemmy.ml
23 comments fedilink hide all child comments
 

There are some people won't touch anything to do with open source projects as they feel it might have issues with security. What does open source actually do for security or change how it works?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] JustEnoughDucks@feddit.nl 2 points 1 year ago (1 children)

Isn't your OpenSSL and curl points proving the opposite? Every program will have vulnerabilities and they had critical security vulnerabilities that were found and fixed.

But yes, I agree that 95% of open source projects have absolutely 0 security testing. Might not matter for some embedded applications, but it matters a great deal for public facing container plugins for example. Then again, most closed source software also hasn't been pen tested.

[โ€“] ZenFriedRice@lemmy.ml 1 points 1 year ago

Good point, finding a security vulnerability is a success not a failure.