by CiPHPerCoder 3439 days ago
The issue is that the client software being open source (rather than closed source) would do nothing to change the risk profile, so it's not worth bringing up.

If the client is open source: What the server is doing is irrelevant as long as the client is secure.

If the client is closed source: What the server is doing is irrelevant as long as the client is secure.

If the server can compromise the client, whether or not the client is open source does not matter.

People who believe that open source is a prerequisite for security are disregarding the entire discipline of reverse engineering, which is a large chunk of software security expertise.