• suction@lemmy.world
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    OSS has its own attack vectors which closed doesn’t, i.e. malicious code snuck into upstream libraries and going unnoticed for weeks, or outright buying popular oss code from devs to abuse.

    Neither is more secure.

    • ReakDuck@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      People can figure out what happens on OSS while for closed source, it will be after 5 years still unnoticed