Cal.com goes closed source “because of security” (cal.com)

submitted 1 month ago by pylapp@programming.dev to c/opensource@lemmy.ml

8 comments fedilink hide all child comments

top 8 comments

sorted by: hot top controversial new old

[-] Alvaro@lemmy.blahaj.zone 84 points 1 month ago* (last edited 1 month ago)

Everytime this happens I only hear either

"We don't know security so we will hide our shitty code"

"We want to make more money but here is an excuse"

[-] Lemmchen@feddit.org 64 points 1 month ago* (last edited 1 month ago)

Never heard of them, but they can fuck right off.

Today, AI can be pointed at an open source codebase and systematically scan it for vulnerabilities.

Well, then do that.

It’s not a perfect solution, but we have to do everything we can to protect our users.

All you do is shipping unaudited software, you cunts.

[-] uuj8za@piefed.social 20 points 1 month ago

Today, AI can be pointed at an open source codebase and systematically scan it for vulnerabilities.

Well, then do that.

iknowrite? If these magical scanners can find all the bugs in your code...... then why don't they use these magical scanners to find all their bugs in their code!??! 😂

[-] Tenderizer@aussie.zone 4 points 1 month ago

Well, then do that.

Those tools cost money.

[-] scrubbles@poptalk.scrubbles.tech 2 points 1 month ago

Honestly for scanning a codebase like they're talking about it's maybe, and I mean maybe a few hundred, it you had it scrutinize and lay out every method. Pennies for a company.

[-] theherk@lemmy.world 13 points 1 month ago* (last edited 1 month ago)

They don’t seem to realize that higher level languages help us understand the code. Language models will be similarly capable of reading the binaries they ship. So what they doing is hiding code from users, not machines.

To clarify, I don’t mean right now. They haven’t been sufficiently trained on machine code and that lacks some semantic help. But the future they fear will have transformers just as capable with lower level code.