Comment by m-schuetz
21 days ago
Why would building from source be safer? Are you vetting every single line of third-party source code you compile and use?
21 days ago
Why would building from source be safer? Are you vetting every single line of third-party source code you compile and use?
You're sure not vetting any byte of an executable, so building from source is safer.
Binaries or source, it's pretty much the same unless you thoroughly vet the entire source code. Malicious code isn't advertised and commented and found by looking at a couple of functions. It's carefully hidden and obfuscated.
That's
However much the code is hidden and obfuscated, some parts of the source code are going to be looked upon.
For a binary, none, ever, except in the extremely rare case that someone disassembles and analyzes one version of it.
The fact that open-source doesn't coincide with security doesn't mean that it isn't beneficial to security.