...with open source you get a considerable amount of audit for free just by eyes dealing with building/bug reports/porting.
Replying to @RichFelker @CopperheadOS
Whenever someone reports a program not working with musl, I almost always run across significant source level bugs while investigating.
Replying to @RichFelker
Most open source projects are developed by only a couple of people and rarely if ever have anyone else looking at more than an API. It's not really helping defenders to have tens of millions of GitHub repositories.
Replying to @CopperheadOS @RichFelker
For example, do you think it would be good or bad for your security to put all of your dotfiles without credentials on GitHub? You might have a glaring security hole in your configuration. Someone might point it out to you so you can fix it, or someone might exploit it.
Replying to @CopperheadOS @RichFelker
Attackers often don't have a lot of resources. You might just make a troll angry on IRC or Twitter and they look through your profiles, GitHub repositories, etc. and find a mistake in a configuration file or some plugin / script you made that lets them exploit you.
Replying to @CopperheadOS @RichFelker
Whether it's a net benefit is based on how helpful the sources are (very helpful for C, ridiculously helpful for C++, negligible for Java) and whether people actually end up using the sources to make the software more secure / robust (not the case for 99% of projects).
Replying to @CopperheadOS @RichFelker
Rust sources are perhaps even more helpful than C++ sources since the code has so many layers of simple abstractions designed to be reliably stripped away by trivial compiler optimizations and they default to LTO (C++ abstractions are harder to strip away).
Replying to @CopperheadOS @RichFelker
Definitely believe that open source software *can* get security benefits from being open source (and popular projects *often* do) but not really that it's harder to find a backdoor if you only have the machine code.
Replying to @CopperheadOS @RichFelker
People need to think more about what a backdoor would look like, even just one made by 1 person that's relatively smart. Not talking about the leftover debugging code that often gets called a backdoor but something genuinely malicious.
Replying to @CopperheadOS @RichFelker
Not saying that a project like musl doesn't get security benefits from being open source but that if you genuinely tried to insert a backdoor, we doubt anyone would notice. Maybe years later it would be found as a vulnerability but if it was done well it'd look like a mistake.
Backdoors and vulnerabilities are completely different matters, I think.
Replying to @RichFelker
Mostly talking about backdoors. Definitely think open source is a better model for writing secure software but don't think there's magical value in it and however much easier it is to audit vs. the compiled form (Java bytecode is very high-level already) applies to attackers too.
Replying to @CopperheadOS @RichFelker
It's theoretically a better model but that depends on the external security research / contributions / review / auditing happening that wouldn't have happened if it wasn't open source. The vast majority of projects aren't central enough to get something like that.