added 334 characters in body
Péter Török

Security of code is ensured only by implementing a proven security algorithm correctly. This is in fact easier to verify with open source code, i.e. bugs get sorted out faster. I believe the widely used security algorithms like SHA et al. are published; still, their availability doesn't make it any easier for crackers to crack them. It is the proven mathematical theory behind them which makes them secure.

As for small open source projects, I guess it doesn't make sense to publish code anyway when it is only half-baked and not functional. From the security perspective, this means it should be thoroughly reviewed, preferably by as many security experts as possible, and/or against a security checklist as @crosenblum suggests.

Péter Török

Security of code is ensured only by implementing a proven security algorithm correctly. This is in fact easier to verify with open source code, i.e. bugs get sorted out faster. I believe the widely used security algorithms like SHA et al. are published; still, their availability doesn't make it any easier for crackers to crack them. It is the proven mathematical theory behind them which makes them secure.