343
Hi everyone. I just need to get this off my chest because I don't know if it's just me that's wrong ...
1 month, 3 weeks ago


My response is, "You mean more secure, right?". And, when they look at me confused, I say, "Open Source means many more eyes are looking at the code and reporting issues, so more secure!". If they give me any more pushback, I just start handing them lists of Open Source used in proprietary code, and ask them why the "Big Guys" use it!
Usually by that point they start shutting up because they realize they are looking like clowns...
(P. S. All clowns must die!)
Well, kinda. https://xkcd.com/2347/
Log4j. 😬
or ffmpeg
Yep!
You don’t even have to go that far.
All you have to say is “well, AWS and Azure are built on FOSS, and if it’s good enough for two of the biggest tech giants in the world, I think it’s good enough for us”
OpenSSL was one of the most popular open-source libraries, yet was an absolute trainwreck of a codebase. There was a famous SSH vulnerability introduced when someone tried to do some code cleanup and removed a key source of entropy into the private key generator.
this is not true, see log4j and heartbleed
Log4J was a huge issue but it also got fixed very quickly.