Victor Villas

BookWyrm on Patreon: https://www.patreon.com/bookwyrm

Glad someone is finally taking on a fediverse alternative to GoodReads

I’m in total agreement that OSS builds more secure software. What I’m saying is that these companies are not in the business of building safe software.

From there, I see no advantage to closed-source here.

I think the easiest mental map is this: doing things well has a cost; doing things poorly can be cheaper; if it’s way cheaper and there’s some method available to de-risk it even if a little bit, no matter how little effective it is, it might be financially advantageous to pick the inferior option. This is not just for security, but pretty much everything.

You’d still need an account, but I think you can plug Zapier into a group to create RSS feed items from posts.

From there you can use your RSS reader of choice, FOSS or not

There’s also the graph API if you want to DIY, also needs a token with group permissions

I think you might have read it backwards, I equated closed source with security by obscurity. And obviously you can have both, if you pay extra.

Sure, finance is not technology, but I think it’s worth it pointing out that it’s not arbitrary or just greed or whatever, it has technicalities too.

Am I going to be behind the competition by doing this?

Yes, because you are due a lot more diligence with open source, and that will slow down your releases.

If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank’s apps by publicizing it?

You trade security by obscurity for security by expert oversight. I’m not a lawyer or baking auditor, but I’d say while zero-days are problematic for open source software projects; they can be life-ending for banks.

Is there a technical reason they don’t publicize their code or is it just purely corporate greed and nothing else?

This is a false dichotomy. Financial reasons to not publicize the code are technical reasons. Finance is technical.