45
submitted 1 year ago* (last edited 1 year ago) by nIi7WJVZwktT4Ze@fost.hu to c/foss@beehaw.org

Let's say, I create a bank with the caveat that all of my banking phone apps and webapps are FOSS (or if they depend on non-free components — banks probably do to communicate with each other —, then just OSS). Am I going to be behind the competition by doing this?

If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank's apps by publicizing it?

Are they not doing this because they secretly collect a lot of data (on top of your payment history because of the centralized nature of card payments) through these apps?

EDIT: Clarifying question: Is there a technical reason they don't publicize their code or is it just purely corporate greed and nothing else?

you are viewing a single comment's thread
view the rest of the comments
[-] villasv@beehaw.org 1 points 1 year ago* (last edited 1 year ago)

I'm in total agreement that OSS builds more secure software. What I'm saying is that these companies are not in the business of building safe software.

From there, I see no advantage to closed-source here.

I think the easiest mental map is this: doing things well has a cost; doing things poorly can be cheaper; if it's way cheaper and there's some method available to de-risk it even if a little bit, no matter how little effective it is, it might be financially advantageous to pick the inferior option. This is not just for security, but pretty much everything.

this post was submitted on 17 Nov 2023
45 points (100.0% liked)

Free and Open Source Software

17550 readers
73 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS