Gnu PG is more Safe ?



On Wed, Jul 24, 2013 at 07:31:20PM +1200, Peter Gutmann wrote:
> unsurprisingly, that being open source doesn't magically make you more secure.
> You only find bugs (vulns) if someone looks for them, and a closed-source app
> that's actively analysed for vulns (because the vendor pays employees to do
> it) is going to be more secure than an open-source app that no-one looks at
> because they're not motivated to.

Of course open source isn't magic pixie dust, but neither is most
commercial software very well analyzed.  There are exceptions, but most
commercial software that I have direct experience with is lacking the
"active analysis" by people who are qualified and motivated to find
bugs.

-andy