
It feels like a cargo cult approach to the problem. "I'm safe because I compile from source" is an absurd statement when a million LoC is involved.


The Linux kernel is much more than a million LoC. Closer to 30 million.


If anything I think this underscores the parent comment - open source is not inherently more secure than closed, it just adds another potential avenue (source code audit) to ensure security.

If nobody actually audits the source, and the closed-source binary has had other types of testing done on it, it's likely that the closed source binary will be more secure.


Yes, my comment was in support of its parent. If reading a million lines is hard, reading ~30 million is harder.


Much of that is drivers that may be disabled if not needed for current hardware, narrowing the audit scope.



