Came here to say the same. Same tools + private. In security two different defense-mechanisms are always better than one.

▲

bluebarbet 6 hours ago | parent [-]

Same tools A, B and C, but minus tools D, E and F, and with a smaller chance that any tools at all will even be used.

Not claiming that it's a slam dunk for open source, but the inverse does not seem correct either.

▲

lelanthran 4 hours ago | parent | next [-]

> Same tools A, B and C, but minus tools D, E and F,

Why "minus D, E and F"? After all, once you have the harness set up, there's no additional work to add in new models, right?

▲

bluebarbet 4 hours ago | parent [-]

The point being that there are always going to be more eyes, and more knowledge of available tools (i.e. including "D, E and F"), and more experience using them, with open source than with a single in-house dev team.

▲

lelanthran 3 hours ago | parent [-]

There's no more "eyes" though, it's all models, and they are all converging pretty damn fast.

	▲	bluebarbet an hour ago \| parent [-]
		If true then logically it will be sufficient to run this "master model" once before any code release for the level playing field to be restored. After all, even open-source software is private until it is released.

▲

LunicLynx 4 hours ago | parent | prev [-]

Fair enough