by cge 1396 days ago
I assume it was meant as a bit of a joke with a point, because of the nature of the breach. Here, the concern is that the development environment was breached, and source code and confidential technical details were accessed. Bitwarden is fully open source, both for the client and server, and they also offer Docker images to self-host the server. Unlike LastPass, an attacker gains nothing by stealing the code that the general public doesn't already have. Bitwarden developers argue that this 'source code transparency' is important for such a security system.

However, it is at the same time fair to say that there are possible breaches for Bitwarden as well that would involve stealing information, despite being open source. Their website, the securing of the process by which their downloads and updates are produced and distributed, the way the hosting for their web vault is secured...