Help Search

Is open source software less secure?

Open source software is not by default more or less secure than closed source software.

Typically, when the source code of a software is not available you need to trust your vendor without having any means to verify their claims. For example you do not have any guarantee that they will fix vulnerabilities, introduce backdoors or that they will not use your data without your consent. When the source code is freely available, anyone can organize a review and check if the level of security the product provides is adequate.

Some people may argue that an attacker could find vulnerabilities more easily if the code is available to everyone. While it is true, but the corollary is also true, e.g. people without malicious intent too can find these vulnerabilities and fix them, making the solution stronger in the long term. Greater visibility allows more users and experts around the world to go through the source code, discover and fix bugs early.

Not finding what you are looking for? You can also ask the community on the forum.

Talk to a human