• 1 Post
  • 3 Comments
Joined 1 year ago
Cake day: June 26th, 2023

  • Phen@lemmy.eco.br to Asklemmy@lemmy.ml: *Permanently Deleted*
    10 months ago

    I work in an open source software and I can tell you for sure that this only works in theory, at least for projects that aren’t giant like chromium. If I push some code to a new branch on github there will be people looking at the changes before I even had time to open a PR, but very obvious security flaws can stay in the code for several years before anyone reports it. The amount of people looking for things to exploit is just much larger than the white hats. Sure they could still find the same flaws without access to the source, but we’re making it easier for them.