Open Source Software is more secure
It's amusing how even "Architects" in MS Product Companies think Open Source Software is less secure.
That's like saying a bank is safer if it's in a remote location.
Or locks from unknown companies are safer than locks from known ones.
Proprietary Software relies on loopholes not being found.
Open Source Software relies on not having loopholes.
2022 Update
Given below is a slightly better explanation of this Security Through Obscurity (STO) fallacy, by the LockPickingLawyer.
There may be a market for locks with completely transparent cases, i.e., the open source software model. Limit obvious loopholes and demonstrate acceptable levels of security, by eliminating obscurity.
But isn't anonymity another form of Security Through Obscurity?
"I don't think my name adds or subtracts from my message. I have no desire to be famous or well-known... I had a lot of big well-known companies as clients, and I didn't want my online presence to interfere with that...
Locksmithing, back to its very earliest forms up to the present day, really have held very very close the tricks they used to defeat locks. In fact, I've read in the early days those breaking this wall of silence would certainly be ostracized; but probably would also face bodily injury, if not death.
So I've had some very long conversations with present day locksmiths who still insist to this day quite vigorously that me revealing how terrible locks are is putting your dear little granny in danger, and locksmiths tend to get pretty angry about it too, angry with me.
They apparently either don't think there's a problem or they know there's a problem and think that hiding it will make it go away. There's a name for this... Security by obscurity.
Anyone professing this same line of thought in the world of digital security would be absolutely crucified. Well, metaphorically crucified and would probably not be able to find a job and that's as it should be. Employers don't like hiring idiots yet. Well, some do. I'm sure you've all got one at work.
Yet in the world of locksmithing not only does this line of thinking reign supreme but those who abide by it think themselves morally and ethically superior to others. It's pretty incredible.
It's like every single one of them collectively decided to simultaneously put their head in the sand. It's pretty remarkable."