by stephenr 3770 days ago
I'm a big fan of using open source software to build a business on - particularly BSD/MIT/Apache (aka "permissive") licenses - but the idea that "Open Source === Audited" is laughable.

How many huge bugs have been discovered in very widely used open source libraries/applications and identified as having affected the software for many years?

Would you be satisfied if Apple provided the option for NDA-sealed access to the source, allowing people/researchers to view (but not redistribute) their stack?

Edit: fixed brain shart (extra word)


Heartbleed is a classic example.

OpenSSL had been vulnerable since the end of 2011. Fixed in mid-2014.

And it's one of the most popular and commonly used open source technologies.