People here’s take about why free software (“open source”) should be preferred, in my opinion (basically the OpenBSD’s opinion) is flawed.
You said “open source” is “good” because it permits having eyes on (“auditing”) and make sure there isn’t malware.
This is NOT the most important benefit. But it is flawed because, you guys don’t even have the knowledge to do coding. You guys are activist/“journalists” working for CIA. So you cannot audit the software yourselves.
Or “open source” but with a bad code style, how can you make sure the code doesn’t have backdoors? But I think hilarious journalists that is only smart enough to post fake news about how down is the Russia and China economy can’t even write bad code.
“open source” is good, firstly, because it permits auditing the source code and find the bugs, replace flawed/bad code with safer alternative (for example, the advantage of an open-source C software when porting to OpenBSD is they can replace every occurrence of strcat/strcpy with safer strlcat/strlcpy), sandbox it (on OpenBSD, with pledge and unveil), do privileges separation and revocation, etc.
And I think “you can make sure there isn’t malware/backdoors” is the second benefit, NEVER THE FIRST.
Conclusion: Do not blindly trust what is “open source” when you can’t even do code auditing.
@[email protected] or @[email protected] can audit for you.
Seriously, that’s what you’re missing. Bob the non-coder can trust Microsoft not to plant spyware in MS products, or Bob can trust some portion of the public (limited to ~8 billion people) to audit the code. It’s easier to trust the public than it is to trust a corporation. It’s not just about quantity of eyes, but having eyes that are more aligned with your interests.
I’m sorry if I made the guy question his life so hard, he deleted his comments.
You summoned me for auditing code? Call me crazy but I’m in, I would actually do it and hand out free threat level and security analysis for you specific use-case / system.
I’ve been in the industry for 20+ years.
Sounds good… will be interesting to see if @[email protected] takes you up on the offer!
We are actually in touch
Hopefully he asks you to audit a tool you might enjoy using or contributing to.
That would be indeed awesome.
He actually did not delete his post.