Originally posted by Slim Shady:

Change my mind.

Why would I bother?

Timba his arms wide

Yea not being able to see the code and determine what it does based on what you see

Surely safer

On a related note, a bomb you cannot defuse is more safe than one that you could disarm

I'm of the fence with this one.

With open source software, you have the advantage of a million eye balls all looking at the code, so the chance of there being so many bugs or backdoors in it becomes less likely. That doesn't mean it can't happen. Look at the amount of linux-based packages that contained faulty code causing buffer overflow exploit opportunities that lived on for years undiscovered. Sure you can look at the code, but for the average user who's not a programmer or have zero programming experience that means nothing. They might as well be looking at raw NASA satellite data in binary format. Another advantage is the code would have access to a wider audience for testing.

On the other hand, closed source software obviously wouldn't have the advantage of a million eye balls looking at it, and the number of people testing it wouldn't be so great. That implies the chances of there being bugs or backdoors in it is far greater.

Personally, for me as a coder, the deal breaker comes down to code ownership and rights, based on the general concensus of most open source licences ( I might be wrong on that). To have your code be considered open source, you basically have to sign away your exclusive rights to the code just because random individuals signed on to your project and added a function or two, even if you wrote the bulk of that code in its entirety. Now you have shared ownership...Yea that doesn't sit right with me...

I can understand why most people would prefer open source software as opposed to the source being closed.

Finally, people claim there's no way to know what closed source code is doing, and that's a major reason for their preference to choosing open source software. Okay...that's not entirely true. We have what is called static (you wouldn't be able to do this on closed source code, without using a decompiler to output similar source code) and dynamic code analysis. In a testing environment or lab, we can observe the code's behaviour and watch what it does to the system - files opened read or written to, DLL modules loaded, registery keys read or written to, areas of memory accessed, how it talks to the Internet, what IP addresses it contacts, etc. We also have what is called fuzz testing, basically throwing ♥♥♥♥♥♥♥♥ input data at the code while it's running to try to break it or inject your own code through a buffer overrun if present. There are other ways to bullet test software I won't get into but you get the idea. This is what anti-malware providers and cyber security analysts do...

Originally posted by BlackBloodRum:

Originally posted by pipe.surgeon:

We also have what is called fuss testing, basically throwing ♥♥♥♥♥♥♥♥ input data at the code while it's running to try to break it or inject your own code through a buffer overrun if present.

Fuzz testing, not fuss testing.. or just fuzzing. That gave me a bit of a chuckle. :steamlaughcry:

Yes, you know what I mean. Silly typo mistake. Corrected, thanks.

Closed source software is usually a decade ahead of open source, yes, but you always get companies like adobe which make it not really worth it in the long run.

These days you can't even own most closed source software. Like Steam games, you are just using a license to access it which can be revoked at any time.

Riding off my first post, and since this is steam, ask yourself these questions:
1. why aren't most video games built as open source projects?
2. Are all the video games you're playing open source?