lemmyreader@lemmy.ml to linuxmemes@lemmy.worldEnglish · 7 months agoBackdoorslemmy.mlimagemessage-square43fedilinkarrow-up110arrow-down10file-textcross-posted to: autism@lemmy.world
arrow-up110arrow-down1imageBackdoorslemmy.mllemmyreader@lemmy.ml to linuxmemes@lemmy.worldEnglish · 7 months agomessage-square43fedilinkfile-textcross-posted to: autism@lemmy.world
minus-squareprettybunnys@sh.itjust.workslinkfedilinkarrow-up0·7 months agoCrowd sourcing vulnerability analysis and detection doesn’t make open source software inherently more secure. Closed source software has its place and it isn’t inherently evil or bad. This event shows the good and bad of the open source software world but says NOTHING about closed source software.
minus-squareoce 🐆@jlai.lulinkfedilinkarrow-up0·7 months ago Crowd sourcing vulnerability analysis and detection doesn’t make open source software inherently more secure. It does, because many more eyes can find issues, as illustrated by this story. Closed source isn’t inherently bad, but it’s worse than open source in many cases including security. I think you’re the only one here thinking publishing PoC is bad.
minus-squareSquare Singer@feddit.delinkfedilinkarrow-up0·7 months agoBut this issue wasn’t found because of code analysis per se, but because of microbenchmarking.
Crowd sourcing vulnerability analysis and detection doesn’t make open source software inherently more secure.
Closed source software has its place and it isn’t inherently evil or bad.
This event shows the good and bad of the open source software world but says NOTHING about closed source software.
It does, because many more eyes can find issues, as illustrated by this story.
Closed source isn’t inherently bad, but it’s worse than open source in many cases including security.
I think you’re the only one here thinking publishing PoC is bad.
But this issue wasn’t found because of code analysis per se, but because of microbenchmarking.