And even when problems are found, like the heartbleed bug in OpenSSL, they’re way more likely to just be fixed and update rather than, oh I dunno, ignored and compromise everybody’s security because fixing it would cost more and nobody knows about it anyway. Bodo Moller and Adam Langley fixed the heartbleed bug for free.
Yeah, but that just happens sometimes. With proprietary software you don’t even have the benefit of being able to audit it to see if the programmers missed something critical, you kinda just have to trust that they’re smarter than a would-be hacker.
And even when problems are found, like the heartbleed bug in OpenSSL, they’re way more likely to just be fixed and update rather than, oh I dunno, ignored and compromise everybody’s security because fixing it would cost more and nobody knows about it anyway. Bodo Moller and Adam Langley fixed the heartbleed bug for free.
Wasn’t heartbleed in the wild for 2 years though?
Yeah, but that just happens sometimes. With proprietary software you don’t even have the benefit of being able to audit it to see if the programmers missed something critical, you kinda just have to trust that they’re smarter than a would-be hacker.
I get that, I just caution that FOSS doesn’t automatically mean secure.
Nothing is 100% secure. FOSS is definitely more secure, all else equal.