| 1 |
Dr Rainer Woitok wrote: |
| 2 |
> Dale, |
| 3 |
> |
| 4 |
> On Wednesday, 2021-02-17 23:08:12 -0600, you wrote: |
| 5 |
> |
| 6 |
>> ... |
| 7 |
>> Still, they are closed source. If |
| 8 |
>> their code was open source then it could be that the hack would not have |
| 9 |
>> happened since someone would have spotted the hole the hackers used. |
| 10 |
> I don't think so. They hacked the Lastpass servers exploiting some vul- |
| 11 |
> nerability in some software running there ... Windows, Word, Excel, you |
| 12 |
> name it. Maybe they too used the bug in SolarWinds' remote maintenance |
| 13 |
> software, but then ... wasn't the Lastpass hack way earlier? |
| 14 |
> |
| 15 |
> Sincerely, |
| 16 |
> Rainer |
| 17 |
> |
| 18 |
|
| 19 |
I did say it could have been found. Still, if they allowed their |
| 20 |
system/software to be tested by others, then even that security hole |
| 21 |
could have been found and fixed which would have prevented the hack. |
| 22 |
Regardless of this, they are closed sourced, they got hacked and it |
| 23 |
could have been prevented if they allowed others to see their code. |
| 24 |
That's one thing about open source software, there can be millions, ten |
| 25 |
of millions or more, of people looking at it. It reduces the odds of |
| 26 |
bad code lasting long. It can happen but it reduces it a lot. |
| 27 |
|
| 28 |
I still trusted Lastpass. I would still be using it except for the fact |
| 29 |
they decided to take away features I need unless I pay more than it is |
| 30 |
worth to me. Since I need to switch anyway, may as well find a open |
| 31 |
source option that has a better chance of having good code. Maybe it |
| 32 |
won't be hacked at all. One can hope. |
| 33 |
|
| 34 |
Dale |
| 35 |
|
| 36 |
:-) :-) |
Archives