BSD Thread

You are currently reading a thread in /g/ - Technology

Thread replies: 24
Thread images: 1
File: security-by-obscurity.png (743 KB, 1024x768)
>he still thinks closed-source means better security by default
Don't tell me there are people on /g/ like this.
>>
>>51528458
nice comic sans
>>
>>51528587
Comic sans is used in presentations for a reason, Anon

http://thenextweb.com/dd/2011/06/02/comic-sans-may-improve-your-reading-retention-says-study/
>>
>>51528655
still looks like shit desu senpai
>>
>>51528690
Presenters don't care
>>
>security through obscurity is bad
>still uses passwords
>still uses encryption based on obscure primes
>>
>>51529076
TOP KEK
>>
>>51528458
>exploits against closed source just as easy as against open source
Yeah, besides the bullshit like needing to reverse engineer shit and needing knowledge of assembly. Finding shit like two consecutive gotos or fgets is easy as fucking shit for open sores, it has more barriers for closed source.
Not to mention
>obscurity doesn't help
It sure as fuck stopped botnets from depleting my fucking SSH server's entropy pool. Fuck your memes.
>>
>>51529290
You missed the point. Closed-source programmers can slack off because they think bugs won't be found, so you get more bugs than in FLOSS. Not to mention it can't be peer-reviewed by everyone, so closed-source will always be more broken. I'd much rather have a system that's open where bugs can be caught by anyone than closed where only a small group of Indian code monkeys dick with the code and hope it just werks, leaving in a ton of shit bug-addled code.

>he thinks you need to reverse-engineer to catch closed-source bugs
Shows what little you know.
>>
>he still thinks permissive licenses mean more freedom
>>
>>51530154
but... they do
>>
>>51529791
The only fucking difference between open source and closed source is you can fucking read through the open source code and find exploitable bugs. Fucking retard.
>dur open sores is higher quality because everyone can read it so people write better code
No, go fuck yourself. Bash is a prime example of fucking retarded coding, it took 30+ patches to try to fix that clusterfuck when shellshock was released, and it's probably not even completely fixed yet. Closed source, proprietary shit also has the added bonus of there being someone who has a fucking job they don't want to lose if they fuck up too badly.
>>
>>51530277
>one_day_i'll_own_this_boot.jpg
The only Freedom granted by permissive licenses over the non-permissive Free licenses is the freedom to make stuff less free for others. If I really have to sit here and explain why this results in less net freedom than
>long list of freedoms are guaranteed for you and others
>only restriction is that you can't deny said freedoms to anyone or add any other restrictions
then I'm not entirely convinced you've thought this through properly. Armchair libertard philosophy doesn't count, by the way.

Tl;dr, look up "negative liberty".
>>
>>51530367
Shut up, RMS.
>>
>>51530393
Go back to the coffin, Theo.
>>
>>51530297
>The only fucking difference between open source and closed source is you can fucking read through the open source code and find exploitable bugs. Fucking retard.
That's the whole point. Anybody can look at the code, find vulnerabilities, point them out, maybe write a PoC and fix it. Sure, fucktards like Hacking Team however keep them a secret and sell them for absurd amounts of money to foreign and domestic governments, but they do that for closed source applications just as well.

>Bash
Right, I bet a handful of developers keeping source code behind closed doors could obviously do better.

>Closed source == keeping your job when shit hits the fan
Lazy and irresponsible code monkeys are the scum of the earth.
>>
>>51529076
That's not what obscurity means though, in this technical context.

>obscure source code
>find bug
>ALL copies compromised

>"obscure" password
>find password
>only one account compromised
>>
>>51530601
>Anybody can look at the code, find vulnerabilities, point them out, maybe write a PoC and fix it.
No they can't.
That's the point of failure for all this FOSS crap.
How many people do you know (apart from yourself, obviously) who are qualified, let alone motivated, to dredge through the guts of FOSS crap looking for vulns? It takes an obsessive and experienced mind. Not exactly a common thing among freetards. Most of you are in it for the free software rather than contributing quality time to fruitless tasks.
>>
>>51533180
You know how OSX contains a lot of free software?

That's right, big companies spend their own bucks improving free software, because it's cheaper using existing software and fixing bugs than writing their own proprietary software from scratch.

You know who does the most development work for Linux? Big companies, because all of their real machines (not Excel spreadsheet boxes for the desk monkeys) are running it.
>>
>>51528458
I once believed that, but got my ass handed to me.

I never knew that the concept that security could be had through obscurity and attackers being prepared to deal with something other than what was there was a mindset that valued closed source more, I already liked the idea of open source at the time.

I was still a teenager, I was very paranoid, too. Probably rightly so.
>>
>>51528458
I think security through obscurity is bad practice too, but every point on that slide is [citation needed].

In short: OP is a faggot and should provide sauce or references
>>
>>51533180
>No they can't.
Of course they can. If they publish the code under a free license, everyone's allowed to do so.

>How many people do you know (apart from yourself, obviously) who are qualified, let alone motivated, to dredge through the guts of FOSS crap looking for vulns?
That's a fallacy. One individual's acquaintances are not representative of the whole population. Moreover, it's not pertinent to why people can't individually and independently audit the code as you claim.

>It takes an obsessive and experienced mind. Not exactly a common thing among freetards. Most of you are in it for the free software rather than contributing quality time to fruitless tasks.
This may have some merit, but that's due to a lack of independent research and code audits in general, of which there's a serious lack of, yes. But again, not pertinent to your claim because it's certainly not because people can't.
>>
>>51528458
Obscurity helps to some extent.
>>
>>51537920
Explain yourself, please.