Security audits of Home Assistant
(www.home-assistant.io)
I agree that Home Assistant's audit is a good thing. While I love that Home Assistant is open source, I'm not sure how that impacts the audit. Proprietary, closed source software can be audited with few differences from an open source software's audit. The biggest difference is that you, myself, or anyone could audit open source software, but it would not be easy for that to happen with closed source software.
It's easier to find something like XSS or auth bypass when you can read the code.
Sure, but closed source audits aren’t often made public. So we don’t know when, or how, closed source software is audited. Beyond just our ability to self audit open source, we often get better reporting on the contracted audits performed on open source software.