Not discrediting Open Source Software, but nothing is 100% safe.

    • andrew@lemmy.stuart.fun
      link
      fedilink
      English
      arrow-up
      13
      ·
      edit-2
      1 year ago

      I’m not mad, just disappointed.

      In all seriousness though, I just disagree and I think it’s important to note the inaccuracy of thinking that a bug, which is famous only because it was deliberately publicized and deliberately open source, is anything but a huge win compared to what would likely have played out had the most popular SSL library in the world been proprietary and closed.

      • bloodfart@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        4
        ·
        1 year ago

        What do you disagree with? Heartbleed was a vulnerability in OpenSSL. It affected millions of computers.

        • stappern@lemmy.one
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          that is a big problem. it was quickly fixed and i dont see how it does proprietary software any favors…

          • bloodfart@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            The only person in the whole thread talking about proprietary software is that guy.

            This is a thread about how the accepted wisdom that many eyes make open source software more secure is based on the assumption that someone else is effectively auditing the code base which has been proven over and over again not to be true.

            E: I just looked at this thread and now everyone is talking about proprietary software. It would be cool if the progression of time made fools of us all, but it looks like it’s just me this time.