by mardifoufs
702 days ago
I could see an open source solution with "private" or vendor specific definition files. But I think I'd disagree with the statement that open sourcing everything wouldn't cause any problem. Engineering isn't necessarily about peer reviewed studies, it's about empirical observations and applying the engineering method (which can be complemented by a more scientific one but shouldn't be confused for it). It's clear that this type of stuff is a game of cat and mouse. Attackers search for any possible vulnerability, bypass etc. It does make sense that exposing one side's machinery will make it easier for the other side to see how it works. A good example of that is how active hackers are at finding different ways to bypass Windows Defender by using certain types of Office file formats, or certain combinations of file conversions to execute code. Exposing the code would just make all of those immediately visible to everyone. Eventually that's something that gets exposed anyways, but I think the crucial part is timing and being a few steps ahead in the cat and mouse game.
Otherwise I'm not sure what kind of proof would even be meaningful here.

That is not what I am saying; I am saying open sourcing doesn’t cause more problems than proprietary systems, which is the argument OP was making.
Open source is not a panacea, it is just not objectively worse as OP implies.