Is the failure of OpenSSL point to a problem with the open source philosoph



  • One of the basic tenates of open source sources is that it is self fixing as anyone can repair it because the source code is open. It apparently didn't work on the case of OpenSSL. I think it has been around for awhile but no one seemed to either find the problem or fix it. I guess you could say that those who used it got exactly what they paid. This is my point, the idea that open source is by its nature safe is not necessarily true just as it isn't in closed source. So what has happened seems like a lot of silence. What are your thoughts on the subject?



  • My opinion is that open source has a place, but not everywhere, especially not high security. Because OpenSSL was free, a whole bunch of companies used it. Now that a problem was found, a whole bunch of companies had to rush to fix it. To make my point, none of my financial institutions are using it.



  • There is nothing magical about open source software.
    Being open-sourced does not make any software bug-free automagically.

    The particular example of the Heartbleed OpenSSL bug was found and patched quite quickly - considering the complexity of that software package.

    On the other side the closed source software has bugs and exploits too, but FAR LESSER benevolent eyes to search and fix them.

    The malevolent eyes are scrutinising all software - open or closed - for exploits. They will not disclose their findings for good purposes, they use them for their sinister purposes.

    Just have a look at how many bugs are in Apple's software, how many back doors could there be put on purpose by Apple themselves. (Or MS if you want.)
    I'll never touch an ifone/ipad/ibook even with a ten feet pole!



  • @booBot:

    Just have a look at how many bugs are in Apple's software, how many back doors could there be put on purpose by Apple themselves. (Or MS if you want.)

    Speaking of backdoors:
    Easter egg: DSL router patch merely hides backdoor instead of closing it


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.