I think we're starting to get a bit off topic, so I'll try to wrap this up. I'm not saying that open source software can't be dangerous, I'm saying that its no more dangerous than closed source, and often times less so, because if you try to distribute something actually malicious open source, anybody can call you on it, and the internet tends to be rather unforgiving of people who openly try to hurt others - especially if you're obvious enough to throw a giant roadmap out for everybody to look at. Its a rule of thumb that you shouldn't run something if you don't have a clue what it does, but this applies to both open and closed source software equally. Somebody who writes malware still needs to convince you to run it, and that's harder to do if you can see exactly what it does before you launch the program. Malicious software that just sits on some cracker's computer does nothing but make them look suspicious to police; its only when somebody else willingly runs it that it becomes dangerous. I suspect that, when you originally started this thread, you were thinking more along the lines of attacks that involve spoofing a website or program, in an attempt to convince users that the malware is actually legitimate. This is different from open source; its similar to somebody changing a phoneline so that when you try to call a friend, you get your arch enemy instead. The two could be combined; one could modify source and then attempt to fool people into believing that said modified source was the original, but I think we're probably out in the realm of theory here as opposed to actual practice, especially because of the reasons mentioned earlier.
-------------------------------------------------- From: "Charles Rivard" <[email protected]> Sent: Friday, November 20, 2015 18:24 To: "Gamers Discussion list" <[email protected]> Subject: [Audyssey] exactly - Re: open source and viruses,was blindfold airhockey --- Be positive! When it comes to being defeated, if you think you're finished, you! really! are! finished! ----- Original Message ----- From: "john" <[email protected]> To: "Gamers Discussion list" <[email protected]> Sent: Friday, November 20, 2015 5:06 PM Subject: [Audyssey] open source and viruses, was blindfold airhockey > Then again, I could also write something in bgt, compile it, and post it > here as some cool sounding game. You hit enter on it and my evil deed also > gets done. > > -------------------------------------------------- > From: "Charles Rivard" <[email protected]> > Sent: Friday, November 20, 2015 16:18 > To: "Gamers Discussion list" <[email protected]> > Subject: Re: [Audyssey] blindfold airhockey is now out > > You state my point exactly when you say, "Certainly, I could write a piece > of code and include it in a package and then give a virus to everybody I > could convince to run my modified code, but that's about as far as it can > go." > > That's as far as it needs to go to get the evil deed done. > > > --- > Be positive! When it comes to being defeated, if you think you're > finished, > you! really! are! finished! > ----- Original Message ----- > From: "john" <[email protected]> > To: "Gamers Discussion list" <[email protected]> > Sent: Friday, November 20, 2015 2:31 PM > Subject: Re: [Audyssey] blindfold airhockey is now out > > >> No, open source is not more vulnerable to viruses - if anything, its less >> so. >> Yes, you can view and modify a copy of the code. >> This can teach you how the code works, so if there are bugs, you might be >> able to exploit them. >> On the other hand, if there are bugs, users can report them more easily. >> Being able to modify a copy of the code does not mean you can get that >> modified code distributed - you only have a copy, not the official >> source. >> Certainly, I could write a piece of code and include it in a package and >> then give a virus to everybody I could convince to run my modified code, >> but >> that's about as far as it can go. >> A perfect example of open source software is - or was - the encryption >> software true crypt. This was used industry wide - corporations, >> governments >> and individuals all relied on it, for a really long period of time. True >> crypt was the gold standard - if you wanted high quality data security, >> you >> used it, and if you wanted the code, you could get it. >> In fact, part of the reason true crypt was as widely used as it was is >> that >> it was audited by independent security professionals, something which >> isn't >> possible without seeing the code. >> Basically what this all boils down to is that open source is just as >> secure >> as anything else - it all depends on the distribution mechanism used and, >> more importantly, how well the code's written. >> >> -------------------------------------------------- >> From: "Charles Rivard" <[email protected]> >> Sent: Friday, November 20, 2015 13:31 >> To: "Gamers Discussion list" <[email protected]> >> Subject: Re: [Audyssey] blindfold airhockey is now out >> >> Aren't they more vulnerable to having a virus put into them? I know that >> the closed system of Apple is more secure in this way. >> >> --- >> Be positive! When it comes to being defeated, if you think you're >> finished, >> you! really! are! finished! >> >> >> --- >> Gamers mailing list __ [email protected] >> If you want to leave the list, send E-mail to >> [email protected]. >> You can make changes or update your subscription via the web, at >> http://audyssey.org/mailman/listinfo/gamers_audyssey.org. >> All messages are archived and can be searched and read at >> http://www.mail-archive.com/[email protected]. >> If you have any questions or concerns regarding the management of the >> list, >> please send E-mail to [email protected]. >> >> >> ----- >> No virus found in this message. >> Checked by AVG - www.avg.com >> Version: 2015.0.6176 / Virus Database: 4460/11035 - Release Date: >> 11/20/15 >> > > > --- > Gamers mailing list __ [email protected] > If you want to leave the list, send E-mail to > [email protected]. > You can make changes or update your subscription via the web, at > http://audyssey.org/mailman/listinfo/gamers_audyssey.org. > All messages are archived and can be searched and read at > http://www.mail-archive.com/[email protected]. > If you have any questions or concerns regarding the management of the > list, > please send E-mail to [email protected]. > > > --- > Gamers mailing list __ [email protected] > If you want to leave the list, send E-mail to > [email protected]. > You can make changes or update your subscription via the web, at > http://audyssey.org/mailman/listinfo/gamers_audyssey.org. > All messages are archived and can be searched and read at > http://www.mail-archive.com/[email protected]. > If you have any questions or concerns regarding the management of the > list, > please send E-mail to [email protected]. > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2015.0.6176 / Virus Database: 4460/11037 - Release Date: 11/20/15 > --- Gamers mailing list __ [email protected] If you want to leave the list, send E-mail to [email protected]. You can make changes or update your subscription via the web, at http://audyssey.org/mailman/listinfo/gamers_audyssey.org. All messages are archived and can be searched and read at http://www.mail-archive.com/[email protected]. If you have any questions or concerns regarding the management of the list, please send E-mail to [email protected]. --- Gamers mailing list __ [email protected] If you want to leave the list, send E-mail to [email protected]. You can make changes or update your subscription via the web, at http://audyssey.org/mailman/listinfo/gamers_audyssey.org. All messages are archived and can be searched and read at http://www.mail-archive.com/[email protected]. If you have any questions or concerns regarding the management of the list, please send E-mail to [email protected].
