I support free and open source software (FOSS) like VLC, qBittorrent, LibreOffice, GIMP…

But why do people say that it’s as secure or more secure than closed source software? From what I understand, closed source software doesn’t disclose its code.

If you want to see the source code of Photoshop, you actually need to work for Adobe. Otherwise, you need to be some kind of freaking retro-engineering expert.

But open source has its code available to the entire world on GitHub or GitLab.

Isn’t that actually also helping hackers?

  • fmstrat@lemmy.nowsci.com · 8 up, 1 down · 4 hours ago

    Others have mentioned this, but to make sure all context is clear:

    • FOSS software is not inherently more secure.
    • New FOSS software is probably as secure as any closed source software, because it likely doesn’t have many eyes on it and hasn’t been audited.
    • Mature FOSS software will likely have more CVEs reported against it than a closed source alternative, because there are more eyes on it.
    • Because of bullet 3, mature FOSS software is typically more secure than closed source, as security holes are found and patched publicly.
    • This does not mean a particular closed source tool is insecure; it means the community can’t prove it is secure.
    • I like proof, so I choose FOSS.
    • Most people agree, which is why most major server software is FOSS (or source available).
    • However, that’s also because of the permissive licensing.