Are you positive that the binary blob of the open source project you just downlo... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

cube13 on Sept 5, 2013 | parent | context | favorite | on: How to remain secure against NSA surveillance

Are you positive that the binary blob of the open source project you just downloaded is 100% from the code in it's repo?

If you're not, then it absolutely is not an improvement. The attack vector has just shifted slightly.

dllthomas on Sept 5, 2013 [–]

Yes, because nothing can ever improve security unless it is 100%.

Using FLOSS, alone, is a marginal improvement in security, other things being equal. It can be combined with still other measures to make a bigger difference.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact