/tech/ - Technology

I'll start with a few examples:

>Proprietary Software can be secure
This is a slight of hand. In theory proprietary Software can of course be secure, but in praxis there is no way for you to find out which proprietary software is or isn't secure. So from the perspective of the user proprietary software can't be considered secure because there's no reliable way to tell.

>Proprietary Software is harder to hack because the source-code isn't open
This is a security by obscurity fallacy, that for some inexplicable reason is still in circulation. Exploitable software bugs are usually found by examining the behavior of executable binaries not the source code.

>Open source is secure
Not by default, there is no automatic security-magic in publishing code on git-hub/lab. However open-sourcing code means that it can be subjected to broad public scrutiny and hence it becomes possible for the users to know which software is or isn't secure.

>Security and privacy are not the same
This fallacy is widely parroted even by the security community. You, the human is a part of your computer security, without privacy, attackers can potentially learn enough about you to figure out psychological hacks to compromise your computer security by tricking you.

>Unbreakable cryptography
This is usually wrong in praxis because it doesn't factor in that most people will give up their cypher-key after the "low-tech-biological-deciphering-algorithm" broke their pinky-finger. Cryptography can only be considered secure if the encrypted-data-vault is obfuscated as random bits on a storage medium so that the existence of the encrypted data can be denied.