Listening to has been a big eye opener. I used to think that I really understood practical consumer-level security.

The truth is, you either abstain from smart devices and software, or you're vulnerable.

I used to think Open Source was part of a golden standard for security as well. A whole community auditing code ought to be more trustworthy than xyz company, right?

Even if we stuck to the official repos for our distros, we're 1 bad update away from a 0 day.


You can't have the community audit the whole stack & each quirk/bug that each custom component (or combination of them) introduces...

Not when you have dozens of new IoT devices introduced each week.

And I'm talking about the hw bits as much as anything else. FOSS consumers tend to think of hw as blank canvasses that come in different sizes; better analogy would be each part# = a building that has its own unique list of (usually hidden) issues.

Proprietary software does have one thing going for it: The supported hw+fw environments are somewhat limited.

FOSS could turn that around if communities would standardize this stuff.

@trevdev There are no 100% guarantees of anything in this life. Software is no exception - even libre s/w.

Mastodon for Tech Folks