Hacker News

> Why is the licensing model even relevant?

The licensing model directly affects the availability of source code, and this technically facilitates exploit discovery.




Also, many open source proponents claim that open source software is more secure because the “many eyes” theory will lead to bugs and vulnerabilities being discovered sooner. This and other high-profile exploits like Heartbleed show that how well this theory applies in practice is questionable.


I find that conclusion presumptuous. Unless you can say how many bugs would have been discovered had the source been closed, then it doesn't make sense to claim the opposite.

Also, do we know that e.g. this and Heartbleed were discovered by reading the source? If they weren't then the availability of the source code is inconsequential IMO.


That's a very dubious claim, as it depends on the largely debunked idea of "security through obscurity." Bruce Schneier: https://www.schneier.com/crypto-gram/archives/2002/0515.html...


I am not saying that closed-source software is more secure. I am saying finding exploits when the source code is available is definitely easier.


Ah. Yes, I suppose. As it is easier to find exploits in service of closing them as well as in using them (security researchers seem to mostly come down on the side that this averages out as more secure). If that's what you meant, I apologise for the misinterpretation. This particular article doesn't make that point, though, so I remain with the feeling that mentioning the license model in the title is irrelevant and a bit misleading.



