8/15/2016

Security through obscurity is not good enough security...

As this article points out, security through obscurity in software is not really all that much safer than FLOSS. The evidence so far suggests that proprietary software hasn't had that good a run, and what makes it worse is that in some cases people could have caught on to what was going on if third parties had been able to audit the software independently.

To be honest, all software is vulnerable to having malicious code injected and to having bugs that could be maliciously exploited. But the difference between free software and proprietary software is that in free software that malicious code can be discovered faster and more easily.

True, there are examples where vulnerabilities have been missed for years. But most of the time vulnerabilities are found and corrected relatively fast. This is particularly important for code used in applications where human lives are on the line, where it is vital to have third parties audit the code to make sure that it is as safe as possible.

Let's face it, most companies want to use proprietary software because that way they can more easily get away with things that aren't in our best interest. It is not a case of making their things safer for us, but of them being able to make the most money by taking away our freedoms over the product and doing things they wouldn't be able to do otherwise.

With free software, that wouldn't be an issue, since anyone interested in looking into a certain piece of software would be able to audit it. Not only that, they could actually work on it to fix any vulnerabilities or malicious code that was found.

While it is true that not all free software is as scrutinized as it should be, the key is that all free software can be scrutinized to make sure it works as it should and checked for any vulnerabilities that could compromise it, so that it is as safe as possible. If anything wrong is found, it can be fixed by either the vendor or the user.

At the end of the day, security through obscurity is not true security, since vulnerabilities can't be fixed as fast as possible. Let's face it, this leaves a lot of people exposed, and in some circumstances this could be deadly.

So, we would be better off if free software became the norm.
