Originally posted by BesiegedAce
But the closed source, proprietary, licensed other choice is even crazier.
The point about FLOSS is that the source is verifiable and auditable, you can verify a build, you can make and distribute changes without legal repercussions. It boils down to who bothers to audit the source. That is not the writer's problem: it is the problem for the person or organisation choosing to use it. Some prefer to pay money to commercial offerings to 'make the problems go away'. The major problem is that they don't. You might not be allowed to view the source, or if you are, you can't distribute changes, or accept changes from anyone other than the copyright holder - who might charge for them, or not even make them available. You can't verify that the binary you are running can be built from the source you might be permitted to see.
Open source/FLOSS does not magically resolve all bugs. That is a fairy tale. But anyone can review the code. Anyone can verify the build. You can take responsibility for the code you run. If you don't want to do that, pay someone else to do the audit and other heavy lifting. But don't pretend commercial software is any better.
FLOSS is not perfect. But it gives you the freedom to check and remedy things far, far in advance of non-free software. The fact that people might not do it enough is a people problem, not a FLOSS problem. You have been given the keys to the kingdom: it is up to you to use them.