1662
It's Open Source! (lemmy.dbzer0.com)
submitted 1 year ago* (last edited 1 year ago) by 001100010010@lemmy.dbzer0.com to c/memes@lemmy.ml
221 comments fedilink hide all child comments

Not discrediting Open Source Software, but nothing is 100% safe.

you are viewing a single comment's thread
view the rest of the comments
[-] TheBeege@lemmy.world 51 points 1 year ago

I had a discussion with a security guy about this.

For software with a small community, proprietary software is safer. For software with a large community, open source is safer.

Private companies are subject to internal politics, self-serving managers, prioritizing profit over security, etc. Open source projects need enough skilled people focused on the project to ensure security. So smaller companies are more likely to do a better job, and larger open source projects are likely to do a better job.

This is why you see highly specialized software has really enterprise-y companies running it. It just works better going private, as much as I hate to say it. More general software, especially utilities like OpenSSL, is much easier to build large communities and ensure quality.

[-] Distributed@lemmy.ml 5 points 1 year ago

prioritizing profit over security

Laughs, nervously, while looking at my company's auth db, which uses sha-256 still lol..

[-] andrew@lemmy.stuart.fun 1 points 1 year ago

It never should have been anything but bcrypt/scrypt, but sha256 is so much better than many alternatives. Hopefully it's at least salted in addition to hashing.

load more comments (3 replies)
this post was submitted on 07 Jul 2023
1662 points (93.0% liked)

Memes

45660 readers
1029 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml