> "practically every CVE is on code you can read."
This is probably true due to a sort of survivorship bias. code you can read is much easier to analyze and test and report. Closed source internal code has a lot of security by obscurity built into it. Not to dismiss security by obscurity, I am sure it keeps an absolute frightening amount of code safe.
somat|5 months ago
This is probably true due to a sort of survivorship bias. code you can read is much easier to analyze and test and report. Closed source internal code has a lot of security by obscurity built into it. Not to dismiss security by obscurity, I am sure it keeps an absolute frightening amount of code safe.
ectospheno|4 months ago
“The oldest and strongest emotion of mankind is fear, and the oldest and strongest kind of fear is fear of the unknown.” H.P. Lovecraft