[ShadowAce]

Edited for language.

[ShadowAce]

[E. Pluribus Unum]

Yes.

The question is, can shoddy closed-source be secure?

[Neidermeyer]

I didn't read the whole thing but this stood out "However, just because the source code cannot by seen, it does not mean an application is secure." ... DirectTV was hacked successfully for 10+ years and DishNetwork for 8+ without source code , the access cards were NEVER fully exploited, only certain ROM portions, the actual OS remained secure.

MSFT has given it's source to the Russians and I'll bet any amount that the Chinese have full copies of all source from their "students" that were hired into MSFT .. how secure is that?

[antiRepublicrat]

Security through obscurity can be good, slowing down the attacker as it did to him. Hoever, in the case of software and cryptography it negates another useful principle: that the more experts who look at your code, the more likely vulnerabilities will be found and fixed. Your choice as to which you think provides more security. I’m inclined to think the latter does.

Adding one more security for open source, you can be pretty sure the developer didn’t install a back door in the system. For Windows you only have Microsoft’s assurances, but for Linux some independent developer would have likely found a backdoor by now.