The reason for that being that all the points I have put are fully valid.
The rest depends upon the persons inference.
Having a separate coder and a packager means there is a good chance that another person (the packager) is looking at the code.
And this other person is also most probably a separate entity, so if the coder is malicious, someone will know.
Then comes the point of the distro community being more open and fragmented, as compared to a corporation, that can keeps their members’ mouths shut using contracts and all
For the same thing, the pro corpo guys will say that they have a single entity to go to for any problems. And since they have a contract (which maybe a b2b client-provider contract), their interests match.
As opposed to some random chap on the internet, developing some Open Source thing as a hobby, purely for their own fun/ego/satisfaction.
Your points about enterprise support are fair but I was more talking about people that believe that FOSS is inherently less secure than something closed source controlled by a single large company (i.e. security by obscurity which doesn’t actually work)
Honestly I do agree in some ways support is better for enterprise products but at the same time companies could still use some sort of source-available license to promote transparency/security auditing while having the same control as a closed source product. It’s not FOSS but would definitely be better than having everything closed off
The reason for that being that all the points I have put are fully valid.
The rest depends upon the persons inference.
CC BY-NC-SA 4.0
Your points about enterprise support are fair but I was more talking about people that believe that FOSS is inherently less secure than something closed source controlled by a single large company (i.e. security by obscurity which doesn’t actually work)
Honestly I do agree in some ways support is better for enterprise products but at the same time companies could still use some sort of source-available license to promote transparency/security auditing while having the same control as a closed source product. It’s not FOSS but would definitely be better than having everything closed off