Hacker News new | past | comments | ask | show | jobs | submit login

A reason you are getting downvotes is that it’s not true that closed source software is unauditable.

This is a common but untrue belief. It’s a fundamental axciom of software security that you can’t trust source, so you must diagnose the binary.

Source may be helpful, but in the grand scheme of things lots of other properties are more important.




> It’s a fundamental axciom of software security that you can’t trust source, so you must diagnose the binary.

What if you trust the build tool chain and can reproduce the binary from source?


That’s functionally harder in most cases than just inspecting the binary.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: