Not discrediting Open Source Software, but nothing is 100% safe.

  • tedgravy
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    As a packager, I totally relate to this: we generally don’t have the resources to follow the upstream development of the projects we rely on, let alone audit all the changes they make between releases. Open source software still has security advantages — we can communicate directly with the maintainers, backport security fixes and immediately release them to users, fix bugs that affect the distribution, etc. — but I agree that it’s not a silver bullet.