My issue with closed source is we don’t know if it is insecure or secure because nobody can find out. It’s a pandora’s box of privacy and security. It may be the most private and secure code known to man or it may be sending anything and everything about you somewhere but we’ll never really know. As for public audits who picks who gets to audit the code ? The company who made it ? You can do as you please but I refuse to trust closed source code. I’m not saying all open source code is good but at least we can find out if it’s good or not through independant means rather than trusting people that the company who made it picks to tell us.
My issue with closed source is we don’t know if it is insecure or secure because nobody can find out. It’s a pandora’s box of privacy and security. It may be the most private and secure code known to man or it may be sending anything and everything about you somewhere but we’ll never really know. As for public audits who picks who gets to audit the code ? The company who made it ? You can do as you please but I refuse to trust closed source code. I’m not saying all open source code is good but at least we can find out if it’s good or not through independant means rather than trusting people that the company who made it picks to tell us.
@PublicLewdness @dngray
The concept of security by obscurity in general is just absurd. It’s maddening that this is the preferred option in Enterprise.