The backdoor, known for years by vendors that sold the technology but not necessarily by customers, exists in an encryption algorithm baked into radios sold for commercial use in critical infrastructure.

  • Ducks@ducks.dev
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    2
    ·
    1 year ago

    Anyone saying that is definitely wrong, it is neither more secure or less secure just on the basis that it is closed or open source. There are processes that all types of software must take to ensure there are limited vulnerabilities. Security audits, pen testing, code scanning, etc.

    • AstralWeekends@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      To add to this, in this case there is even some rationale for being closed source - given the critical nature of the code, less visibility means availability to examine it for exploit opportunities. But that’s just one side of it, right? Open source might mean more opportunities to find and fix possible exploits as well.