Not discrediting Open Source Software, but nothing is 100% safe.

  • Cypher@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    1 year ago

    Luckily there are people who do know, and we verify things for our own security and for the community as part of keeping Open Source projects healthy.

      • buckykat@lemmy.fmhy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Also because those people who can audit it don’t have a financial incentive to hide any flaws they find

      • andrew@lemmy.stuart.fun
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        And to a large extent, there is automatic software that can audit things like dependencies. This software is also largely open source because hey, nobody’s perfect. But this only works when your source is available.

    • guy@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Though one of the major issues is that people get comfortable with that idea and assume for every open source project there is some other good Samaritan auditing it