
Security through obscurity is not good enough security...

As this article points out, security through obscurity in software is not really any safer than FLOSS. The evidence so far suggests that proprietary software doesn't have that good a track record, and what makes it worse is that in some cases people could have caught on to what was going on if third parties had been able to audit the software independently.

To be honest, all software is vulnerable to having malicious code injected and to having bugs that could be maliciously exploited. But the difference between free software and proprietary software is that in free software that malicious code can be discovered faster and more easily.

True, there are examples where vulnerabilities have been missed for years. But most of the time vulnerabilities are found and corrected relatively fast. This is particularly important for code used in applications where human lives are on the line, where it is vital to have third parties audit the code to make sure that it is as safe as possible.

Let's face it, most companies want to use proprietary software because that way they can more easily get away with things that aren't in our best interest. It is not a case of making their products safer for us, but of them being able to make the most money by taking away our freedoms over the product, and doing things they wouldn't otherwise be able to do.

With free software, that wouldn't be an issue, since anyone interested in looking into a certain piece of software would be able to audit it. Not only that, they could actually work on fixing it if any vulnerabilities or malicious code were found.

While it is true that not all free software is as scrutinized as it should be, the key is that all free software can be scrutinized to make sure it works as it should, and checked for any vulnerabilities that could compromise it, so that it is as safe as possible. If anything wrong is found, it can be fixed by either the vendor or the user.

At the end of the day, security through obscurity is not true security, since vulnerabilities can't be fixed as fast as possible. Let's face it, this leaves a lot of people exposed, and in some circumstances this could be deadly.

So, we would be better off if free software became the norm.
