
As much as I support the FSF's goals, the practical reality means I can't make those sacrifices.

Godspeed to them, but like, for instance, the way their browser blocks "non-free" JavaScript makes half the web bloody unusable.

The Nvidia open-source driver too is a pile of garbage in its present state; hopefully it improves, but shit.

Next desktop will probably be built with a Radeon card just out of anger towards Nvidia. I know there was a big splash about them releasing the source code to their Linux driver, but the reality was it was a release with redactions rather than the full unredacted source code that was released for business decisions so some companies could make minor modifications to it as needed.

But my view is as follows: internal code audits will rarely capture as much as open-source code audits.

We often think of security through obscurity as secure, but the reality is that hackers have tools that help them reverse engineer, like Ghidra, that help them understand what the binary itself is doing, to make strong educated guesses at the source code and eventually reverse engineer something close enough to be a near drop-in replacement.

Meaning we essentially are able to probe inside the black boxes enough that we can't be 100% certain of what's in there but get close enough to break the security and uncover bugs.

And so it always fails eventually.

Open source security has a better track record; it still sometimes fails, but not nearly as often.

Why? Simply because there are more eyeballs on the code.

 