You are viewing a single comment's thread from:

RE: Are open-source projects more or less secure than proprietary ones?

in #asksteemit7 years ago

I agree with your android statement. However, free software doesnt always mean open sourced. Ccleaner and malware bytes are examples of this.
Android is an interesting use case though. I will need to do some research. Do you know if the stagefright vulnerabilities were in the open or closed side of Android?

Sort:  

When I said free software I meant this.
Ccleaner and malware bytes are freemium and freeware. Malware bytes is proprietary software, not sure about ccleaner but probably it is also proprietary.

As for stagefright I dont know but wikipedia search shows this:

The underlying attack vector exploits certain integer overflow vulnerabilities in the Android core component called "Stagefright",[6][7][a] which is a complex software library implemented primarily in C++ as part of the Android Open Source Project (AOSP) and used as a backend engine for playing various multimedia formats such as MP4 files.[5][9]

Search for replicant it is free version of android they found some samsung vulnerability years ago and also there you can find list of what is actually not proprietary in android.

ah, fair enough! It was a simple misunderstanding then. Based on the link you provided, I agree with you 100%. Free as in people not free as in beer.
Thanks for the bit about stagefright as well. It sounds like it was in the open component of android. It did get patched quickly, but I'm sure there plenty of devices that are still vulnerable.