all software should be open source wtf. u expect me to run this on my own computer without knowing what its doing???
car manufacturers dont weld the hoods shut to keep ppl from copying their engines. books arent written with a military-grade cipher to avoid plagiarism. and we dont let food have “secret formulas” anymore bc too often one of the “secret ingredients” was fucking lead
when ur distributing a product to the public u forfeit the right to hide whats inside it, u dont get to hand out a black box and expect ppl to just trust u when u totally swear it doesnt have a microphone inside
I’m gonna state outright that the code for everything should be open.
But really, we need to understand this isn’t anywhere near a complete defense. We only need to look at OpenSSL to see how easily blindsided you can be by unexpected and exploitable behavior even in popular, extremely important, open source, code.
I lost most of my faith in the idea “given enough eyeballs, all bugs are shallow” with Heartbleed.
Open source code is more accessible, but, I look at the source code for any OSS programs I use basically never, compared to how much I run it. And even then I have the privilege of understanding C, a number of things that look like C, and two different kinds of assembly.
Others don’t got that.
(This doesn’t even get into deliberate obfuscation of program behavior.)
Even with open source, its reflections on trusting trust all the way down. Its a tool, one we should have for everything, but not a panacea.
Anyway what i really wanna say is we should have open source, but there should be multiple tools in telling software devs to fuck off with their shitty user-hostile behavior.