NVIDIA 295.40 Closes High-Risk Security Flaw


  • #16
    I'm not convinced. Unless you mean commercial open source software, where audits happen mostly by paid professionals. In that case, I fully agree; commercial AND open source is a strong combination. Otherwise, you're relying on volunteers.

    Edit:
    I can still think of counter-examples though. A security flaw in a closed source program that can't be discovered is of no great importance. A security flaw in open code could be spotted by the wrong people. I don't like the "security through obscurity" approach myself, but it does make you think, and I often apply it if it doesn't interfere with more clean security policies.
    Last edited by RealNC; 04-12-2012, 03:51 PM.



    • #17
      Originally posted by RealNC View Post
      I'm not convinced. Unless you mean commercial open source software, where audits happen mostly by paid professionals. In that case, I fully agree; commercial AND open source is a strong combination. Otherwise, you're relying on volunteers.

      Edit:
      I can still think of counter-examples though. A security flaw in a closed source program that can't be discovered is of no great importance. A security flaw in open code could be spotted by the wrong people. I don't like the "security through obscurity" approach myself, but it does make you think, and I often apply it if it doesn't interfere with more clean security policies.
      There are other factors that are much more important than just being Open Source. What I wrote is only true for comparable projects - similar number of devs, similar skills, similar policy etc. Open Source brings more possibilities, but they have to be exploited and it's just one of the factors. One of the Open Source advantages is anyone can check if there aren't any backdoors in software or some company can order a third party member to check the code.
