you are factually wrong. Here is one of the available papers to prove it https://dl.acm.org/citation.cfm?id=1529731 If you cannot read it, here is conclusion from this paper:
Let me quote myself: "Yes, open source software can absolutely be more secure than a similar piece of proprietary software on an individual basis. But the existence of an inherent security disadvantage is completely indisputable." Yes, the potential to have a larger public review source code for potential vulnerabilities is a benefit of open source software. There are absolutely benefits - even security benefits - to open source software. That said, there remains an indisputable security flaw to making source code public. Whether more public review outweighs that security flaw has to be judged, again, on an individual basis.
Google employee, we caught you. No, for real, this is not google's job. You are basically saying that google should govern us and you are ok with that.
He's actually saying that Google considers it part of its job to prevent foreign interference in U.S. elections through abuse of its search and social media platforms. The same way it would be, say, Facebook's job to prevent foreign interference in U.S. elections through abuse of Facebook's platform. Or were you on the opposite side of the fence during that scandal?
That's a convenient way of dismissing all arguments I make. Nice misread! I'll give it a try again. Content made by Russian-paid trolls is low quality content, and low quality content is content a search engine does not want to return. As such, it should get filtered out. It's in the company's best interest! Now, we'd hope our government actually does something about it beforehand, but who knows what they're doing right now. Not exactly, but close enough. They shouldn't consider it their job to filter out that content specifically, that would be overstepping their boundaries. But, that Russian-paid troll content is low quality content and that's why it should get filtered out. Essentially, if their methodology of filtering is too specific then it is censorship. They should just aim to remove all low quality content, wherever it may come from. And some forms of foreign interference fall under that umbrella so Google filters it.
one, you have not even stated that flaw yet. two, if the flaw is what I think it is - you are wrong. It's not a flaw. The only way open source software is less secure if it has an inherent design flaw, which would be found regardless if the source is open or closed. There are plenty of ways to figure out what a particular piece of software does even without the source So what you are saying is people are too stupid to distinguish between high-quality content and low-quality content, so google being a good uncle helps people with their choice of content. Do you really not see the problem there? Fundamentally I am saying that google should stay out of people's way and gives them the choice to decide, and you are saying that it's good for google to hid stuff the important parts are following: 1) Google removes the choice from people who might want to see that content 2) You have no idea how they decide what is and isn't a low-quality content
The obvious one. Your source code would be public. I don't really understand you. It'd be infinitely easier for you to insist on the benefits of public review. To insist on the early detection and removal of security vulnerabilities that might be overlooked without the extra eyes. Instead, you're trying to insist on the absence of a security flaw so fundamental that you may as well spend your time rewriting history or shoveling the sand out of a desert. It makes no sense. Even if there are other ways to diagnose flaws in a program, and there obviously are, that doesn't make public source code less of a vulnerability. One flaw doesn't make another better. He's actually just saying that the content they would be hiding is lower quality and shouldn't appear at the top of search results anyway. Hiding it is, in fact, doing their best to provide the most high quality search results they can. Y'know, the mission statement of any search engine. ... I think he's stretching a bit, though, by trying to define foreign interference in elections as "low quality." Pretty sure I understood him correctly that time.
That's an argument that would make sense ... if only we weren't talking about a search engine. As a search engine, it is Google's job to rank results and provide you the most relevant results. So of course they need to filter and rank results in some way, especially if there's millions of possible relevant pages. If you don't like someone ranking for you, then don't use search engines. But I sure as heck can't internet without a search engine providing relevant results to my queries. I don't think so. It's disingenuous content, written by people trying to influence their user base. You could call it malicious even, on top of low quality. Only natural to filter it out. It's like a Scientology guy trying to recruit inside a supermarket. Wouldn't the supermarket want him gone? Can you explain what you mean by public review? My knowledge of open versus closed source software is somewhat limited. As far as I know, closed is basically security through obscurity (which might even be counterproductive sometimes) and open source relies on more manpower, but might be vulnerable if there's not enough writers and/or eyes.
more revelations coming out which makes the claims by that female executive false..... https://www.projectveritas.com/2019...hapiro-prager-as-nazis-using-the-dogwhistles/
Open source code allows pretty much anyone to review your code and, hopefully, offer important feedback. Suggestions for general improvement, criticism of flaws, and, yes, identification of potential security vulnerabilities. That's what I meant by public review. More revelations from the tabloid, you mean? I read a revelation in another tabloid the other day about the Queen of England changing succession -- again, apparently, because it's happened like fifteen hundred times so far, according to the same source. Poor old girl can't seem to make up her mind. ... Oh, wait, I think I read she was dead? So I guess whatever she changed it to is final. In other news, this time they've figured out the *real* reason JFK was assassinated.
As far as I remember, this is the only good point you've given. From the beginning I've also said that some form of independent supervision on their methodology is needed and some action against large (tech) companies is required. I don't like the power large tech companies have. Does that sound like something one of their employees would say? But there is zero believable proof that Google meddles with conservative content, so there's that. And if they can't rank results then they aren't a search engine, so there's also that. As for Russian-paid troll content, if you don't think that's low quality or even malicious content then you're trolling. Mindless propaganda is never a good search result. And yes, it can be hard to separate troll content from real content sometimes. For you, me or any random person. As a company they're incentivized to give us the best possible search results, so ... filtering it out if possible is an excellent option. Still the same very shitty source. Is that screenshot credible? It hasn't been doctored, has it? Because that source is not reputable, so I'm not sure if I should take it seriously or not. How exactly is this talking group related to that female employee? They work in the same company? It's a large company. Is the employee in that group? Lastly, are you sure you read it correctly? He says, "if we understand they are nazis using the dog whistles you mentioned". Sounds like they had some sort of clustering or classification algorithm and it ended up putting them in the far-right, extremist bracket. That wouldn't be anything special. Where's the context? I want context! Think critically. If all you can do is mindlessly repeat what others tell you ...
Having a public source does not automatically make the code insecure or more prone to hacking. It all about how the code is written. There are tools that test for all classic bugs, so regardless if your code is open or closed, if you made a serious bug - someone with an intent to find bugs or vulnerabilities can find it within minutes. On the other hand, as history has shown, there are problems with the software, like heartbleed, which cannot be easily found with either closed or open source. Now, if you write shitty code, full of buffer overflows, don't clean up your memory, save you program data in an open format on disk - it would not matter, you can have all the closed source you want. There is even a way to literally reconstruct the program flow by reading memory. Your believe that by closing the source you are protecting yourself is just wrong. Even if there is a protection, it is only from incompetent people, who don't know how to search for problems
Of course not. As I keep saying, software security is to be judged on a case by case basis. Being open source does not automatically make a program insecure, being closed source does not automatically make a program secure. All I've said, and all I will continue to say, is that making your source code public is a fundamental security flaw. The severity of that flaw, whether it's outweighed by the benefits open source offers or made irrelevant by a slew of terrible coding habits, is something to be judged, again, on a case by case basis.
There is a big difference between ranking search results by relevance and removing content google believes is "bad for views". Since I've been misunderstood to such a degree, I will write few more direct points. 1) I did not make any clames that google actually does censor. Go back and re-read it. I said that google should not filter content based on what google thinks people should or should not see. 2) I will explain, what I mean by filter, just so there no arguments that assume I don't know what the search does. I will pick some generic example. Let's say you search for "gorillas". The search ranking will give you on the top pages that reference gorillas, after that maybe some pages that reference chimpanzees and other monkeys, and then perhaps pages that reference the word "monkey". Something like this would be a fine search rank. Now, suppose there is some controversy (hypothetically) if Mountain gorillas and Eastern lowland gorillas should be classified within the same genus. Google decides that this they should and removes all pages that reference them as different genus from the search results because they decided it's a low quality content. Now, this is shit. Why should google decide that? Coming back to your topic, why should I let google decide what is a content from a russian troll and what isn't? Why exactly are they targeting russian trolls? What about american trolls or chinese trolls? If they decide that, for example, all pages in support of Trump are written by trolls, unless they are on the .gov domain or some specific list of domains, according to you - that's fine? What google should do is just provide people with the search results, without filtering out different points of view. I also want to say that there is no good way to distinguish what is troll content and what is not. 3) I will repeat myself - I didn't make a claim that google does this. I am giving you examples. I don't know if they do it. The employee thing was a joke. I keep forgetting that people on NUF don't understand sarcasm. Since you took it so seriously that you had to write a rebuttal, are you really an employee at google trying to cover your tracks? lol
omg, you literally said that closed source cannot be made open because it will open up a ton of security problems: I am telling you this is not the case. If they want to, they can open their code up just fine. People have stolen long ago whatever was valuable in their software. I mean in terms of technology -_- why do you think it's a security flaw? just because people can read code? I can disassemble it and read. I can run side-channel attack and read memory data on it. Just having code public does not make it into security flaw. Also, in the same post, you said that it must be judged on a case-by-case basis and that all closed source software cannot be opened due to security problems... You literally contradicted yourself with 2 consecutive sentences.
Nah it's fine to filter for quality result they just have to be transparent about when it do and what criteria their filters is using and the option to disable all filter when needed.
I would not have a problem, if google have a button or link, saying "we have removed some potentially low quality results, click here to view them". Also, make this clearly visible and not tucked away in some dark corner. The problem is, relevance is a fairly straigtforward thing for the algorithms to figure out. A quality of language can also be ranked fairly well. There is not, however, a good way to generally describe or define what is good content and what is not. And if you really do define it, then most websites, which are not bad, will be filtered out. Classifying content in general case as low or high in quality is difficult. And I don't what google to make decisions for me For example, given 2 articles about a computer game, one can be a really well written cohesive article with appropriate and relevant content. The other could be a bullshit written by some monkey, with all the correct term mixed in. It will be difficult for the algorithm to judge that article 1 is of high quality and article 2 is not.