In my opinion especially security code needs to be open source…
Pistcow@lemm.ee 3 months ago
I mean wouldn’t everything be a security concern in relation to government agencies?
Petter1@lemm.ee 3 months ago
jabathekek@sopuli.xyz 3 months ago
Nothing like bored programmers on the internet to nitpick the governments code.
cmnybo@discuss.tchncs.de 3 months ago
If you don’t release your source code due to security concerns, you just announced to the world that your software is vulnerable and you’re relying on security through obscurity.
Pistcow@lemm.ee 3 months ago
never let them see you cry
cybersandwich@lemmy.world 3 months ago
Meh, not really. The risk with making it publicly available is that a nation state or leet hacker types can comb over it and find exploits or know what libraries/etc you are using so when a zero day pops up they can target you directly. Whereas without direct access to th source code they’d have to do their own enumeration and surveillance.
There is some security through obscurity.
Also, just want to point out: being open source doesn’t mean it’s more or less secure. There is plenty of vulnerable open source code out their.
odium@programming.dev 3 months ago
I feel like a lot of the front ends can be open sourced.
adam@doomscroll.n8e.dev 3 months ago
I work for the UK government. Everything my organisation does is licensed in either MIT or OGL (www.nationalarchives.gov.uk/doc/…/3/)
Developing code in the open really helps ensure you nail down your secure coding practices.