• seang96A
    link
    fedilink
    English
    arrow-up
    41
    arrow-down
    1
    ·
    4 months ago

    Security by obscurity the 100% least effective security measure! Wait what? MS left the government knowingly vulnerable for years for the shareholders?! That’s some good security right there!

    • cmhe@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      10
      ·
      4 months ago

      I don’t agree with the generalization here. Sure, it is generally advisable not to rely on security through obscurity, but depending on the use-cases and purpose it can be effective.

      I dislike DRM systems with a passion, but they, especially those for video games like denuvo, can be quite effective, if the purpose is to protect against copying something for a short time until it gets cracked.

      Otherwise I agree that software developed in the open is intrinsically more secure, because it can be verified by everyone.

      However, many business and governments like to have support contracts so want to be able to sue and blame someone else than themselves if something goes wrong. This is in most cases easier with closed source products with a specific legal entity behind it, not a vague and loose developer community or even just a single developer.

      • 0x0@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        ·
        4 months ago

        However, many business and governments like to have support contracts

        What i don’t get is that governments can have their own in-house IT and can moderately large companies and up, so why the blame-shifting game?

        If i’m a customer and your software blows up in my face i will not care that It’s not our fault, it’s our contractors.

        • catloaf@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 months ago

          They don’t care about what their customers think. It’s about criminal and civil liability.