1 |
Dr Rainer Woitok wrote: |
2 |
> Dale, |
3 |
> |
4 |
> On Wednesday, 2021-02-17 23:08:12 -0600, you wrote: |
5 |
> |
6 |
>> ... |
7 |
>> Still, they are closed source. If |
8 |
>> their code was open source then it could be that the hack would not have |
9 |
>> happened since someone would have spotted the hole the hackers used. |
10 |
> I don't think so. They hacked the Lastpass servers exploiting some vul- |
11 |
> nerability in some software running there ... Windows, Word, Excel, you |
12 |
> name it. Maybe they too used the bug in SolarWinds' remote maintenance |
13 |
> software, but then ... wasn't the Lastpass hack way earlier? |
14 |
> |
15 |
> Sincerely, |
16 |
> Rainer |
17 |
> |
18 |
|
19 |
I did say it could have been found. Still, if they allowed their |
20 |
system/software to be tested by others, then even that security hole |
21 |
could have been found and fixed which would have prevented the hack. |
22 |
Regardless of this, they are closed sourced, they got hacked and it |
23 |
could have been prevented if they allowed others to see their code. |
24 |
That's one thing about open source software, there can be millions, ten |
25 |
of millions or more, of people looking at it. It reduces the odds of |
26 |
bad code lasting long. It can happen but it reduces it a lot. |
27 |
|
28 |
I still trusted Lastpass. I would still be using it except for the fact |
29 |
they decided to take away features I need unless I pay more than it is |
30 |
worth to me. Since I need to switch anyway, may as well find a open |
31 |
source option that has a better chance of having good code. Maybe it |
32 |
won't be hacked at all. One can hope. |
33 |
|
34 |
Dale |
35 |
|
36 |
:-) :-) |