Like a privacy-based, fully open source browser. Wouldn't it be more hackable because everyone knows the script, and is a global privacy-based GPay alternative possible? What about targeted hacking: is someone using a closed source application better off than someone with open source?
It’s a dual-edged sword: everybody can look for vulnerabilities, which may help some pirates, but it also means that everyone can volunteer to fix them. To my understanding, professional security auditors concluded that (at least for big free projects) open source is safer than closed source because more people fix bugs than exploit them.
No, more specifically it’s safer because bugs can be found readily.
Yes, this increases your attack surface. But way worse than the easily-found-easily-exploited bug is the bug that is being exploited and you have fuck all idea it’s even there.
TETRA (the digital radio) is a nice example of that. It was ‘secure’ for a long time - or at least we don’t know otherwise, because the majority of issues found when an independent team finally bothered to reverse that thing can be exploited without the operators noticing.
With an open standard people would’ve told them in the 90s already that they’re morons.
Or the exploit has been found but the devs do fuck all to fix it.
FOSS generally puts more pressure on people to write better and safer code, because you know everyone is going to look at it. Even when vulnerabilities are found, they are usually fixed so fast compared to the proprietary side. There are stories of people waiting 6 months for Microsoft to fix a vulnerability, while an OpenSSH or OpenSSL issue is usually fixed in a few days.