  • The only potential security issues would be related to a lack of maintenance on a particular project. If an open source tool has not been updated for a year or more, then it may have security vulnerabilities. I usually won’t use something if it has not been updated for a year or more.

    However, people who make that claim seem to subscribe to security by obscurity. They may think that the source code being public makes it more likely to be exploited for vulnerabilities. But I would say that is a strength, since many people can verify the security of a project and can have patches applied. In standard proprietary software, a security vulnerability could exist for years without being patched because no one knows it’s there. It may or may not be exploited within this time.

    It is our responsibility to choose the digital tools we use wisely, and to be mindful of a lack of or drop in maintenance on a particular project.