
Security through obscurity is not good enough security...

As this article points out, security through obscurity in software is not really all that much safer than using FLOSS. The evidence so far suggests that proprietary software hasn't had that good a run, and what makes it worse is that in some cases people could have caught on to what was going on if third parties had been able to audit the software independently.

To be honest, all software is vulnerable to having malicious code injected and to having bugs that could be maliciously exploited. But the difference between free software and proprietary software is that in free software that malicious code can be discovered faster and more easily.

True, there are examples where vulnerabilities have been missed for years. But most of the time vulnerabilities are found and corrected relatively fast. This is particularly important for code used in applications where human lives are on the line, where it is vital to have third parties audit the code to make sure that it is as safe as possible.

Let's face it, most companies want to use proprietary software because that way they can more easily get away with things that aren't in our best interest. It is not a case of making their things safer for us, but of them being able to make the most money by taking away our freedoms over the product, and doing things they wouldn't be able to do otherwise.

With free software, that wouldn't be an issue, since anyone interested in looking into a certain piece of software would be able to audit it. Not only that, they could actually work on fixing it if any vulnerabilities or malicious code were found.

While it is true that not all free software is as scrutinized as it should be, the key is that all free software can be scrutinized to make sure it works as it should and to look for any vulnerabilities that could compromise it, so that it is as safe as possible. If anything wrong is found, it can be fixed by either the vendor or the user.

At the end of the day, security through obscurity is not true security, since vulnerabilities can't be fixed as fast as possible. Let's face it, this leaves a lot of people exposed, and in some circumstances this could be deadly.

So, we would be better off if free software became the norm.
