Comment by _carbyau_
4 days ago
You don't have to. Which is good!
But in practical terms there is a lot of trusting of someone/their code going on, unless you are reading/understanding it all.
I trust linux more than windows. But I've never read a line of it...
I think their point is that the source being open keeps the developers more honest. Of course there have been supply chain attacks in open source, but that is more probable to be found out than closed source ones. In short, auditability improves security.
The thing is, there's always someone who does read it or inspect changes. It will surface soon enough if untoward things are happening.
And that is what is being trusted.
Not "the code is readable therefore trustable".
More "the code is readable, therefore I trust that multiple someones, somewhere, will read it or have read it, and if they have a concern they will voice it".
Is it the greatest thing to trust? No, but like a lot of things in life, it's the best of the practical options.