1. Dalewy+(OP) 2025-01-04 00:59:53
>I know that people claim that open source is more secure because anyone can audit it, but I wonder how closely its security is actually interrogated.

The answer is that, no, nobody akshuarry audits anything. This has been proven time and time again, especially in the last few years.

>All of it gives me a bias towards using official sources from companies like Apple and Google, who presumably hire the talent and institute the processes to do things right.

What you get from commercial vendors is liability: you get to demand they take responsibility because you paid them cold hard cash. Free products have no such guarantees; you are your own liability.

replies(3): >>mid-ki+d1 >>graeme+Eb >>yjftsj+Cr
2. mid-ki+d1 2025-01-04 01:08:57
>>Dalewy+(OP)
And we've seen time and time again how that liability "harms" them when they whoopsie daisy leak a bunch of data they shouldn't have gathered in the first place...
3. graeme+Eb 2025-01-04 02:56:09
>>Dalewy+(OP)
What liability? How do they take responsibility if there is a security flaw?
replies(1): >>fl0id+0M
4. yjftsj+Cr 2025-01-04 06:31:52
>>Dalewy+(OP)
> The answer is that, no, nobody akshuarry audits anything. This has been proven time and time again, especially in the last few years.

Sooo how about the audits linked in >>42592444 ?

5. fl0id+0M 2025-01-04 11:52:01
>>graeme+Eb
Especially as many licenses have liability disclaimers. Sure, some enterprise stuff etc. will have stronger guarantees etc., but not by default, probably.