RE: HiveSigner is INSECURE? - discussion and deep dive

in HiveDevs · 29 days ago (edited)

I agree on auditing, or more eyes on the codebase and on what apps are doing, by checking their source code if it is open. Hivesigner is open source, audited at least by the Ecency team and the previous creators, and anyone can still check the codebase. A lot of misinformation will push people into using insecure or closed-source solutions, which isn't helping.

Audited code is way more secure than closed-source or unaudited code. BUT, reviewing a GitHub repo won't make the app secure! What stops the dev from altering the deployed version of the codebase and adding some malicious parts?

The repo would look nice and shiny, but a small change on the real server could be dangerous. So a full review should check the live web server too. And it wouldn't be bulletproof either, as you can swap a DNS record overnight or add changes after the audit.
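The check the comment above calls for, comparing what a live server actually serves against what the audited source builds to, as an added example that is not part of this thread and not Hivesigner's own code. It assumes you have built the audited commit yourself (reproducibly) and recorded a manifest of asset hashes; the manifest and the "served" bytes here are constructed sample data, and `fetch_served` is a hypothetical helper showing how the live bytes would be obtained.

```python
import base64
import hashlib
import urllib.request

# Constructed sample manifest: the SHA-256 of each asset as produced by building the
# audited commit locally. In practice this comes from your own reproducible build,
# never from the server you are checking.
AUDITED_MANIFEST = {
    "app.js": hashlib.sha256(b"console.log('audited build');\n").hexdigest(),
    "vendor.js": hashlib.sha256(b"/* vendor bundle */\n").hexdigest(),
    "index.html": hashlib.sha256(b"<script src='app.js'></script>\n").hexdigest(),
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sri_hash(data: bytes, algo: str = "sha384") -> str:
    """Subresource Integrity value in the form browsers verify: '<algo>-<base64 digest>'.
    Pinning this in the HTML makes the browser refuse a bundle that was altered after the
    audit (it does not help if the HTML itself is served by a swapped host)."""
    digest = hashlib.new(algo, data).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def fetch_served(base_url: str, names: list[str], timeout: float = 10.0) -> dict[str, bytes]:
    """Hypothetical helper: download each asset from the live server (not used offline)."""
    served = {}
    for name in names:
        with urllib.request.urlopen(f"{base_url.rstrip('/')}/{name}", timeout=timeout) as resp:
            served[name] = resp.read()
    return served


def verify_deployed(served: dict[str, bytes], manifest: dict[str, str]) -> dict[str, list[str]]:
    """Classify every asset: matches the audited build, modified, missing from the server,
    or present on the server but absent from the audited build (extra code is a red flag)."""
    report = {"ok": [], "modified": [], "missing": [], "unexpected": []}
    for name, expected in manifest.items():
        if name not in served:
            report["missing"].append(name)
        elif sha256_hex(served[name]) == expected:
            report["ok"].append(name)
        else:
            report["modified"].append(name)
    for name in served:
        if name not in manifest:
            report["unexpected"].append(name)
    for key in report:
        report[key].sort()
    return report


def deployment_matches_audit(served: dict[str, bytes], manifest: dict[str, str]) -> bool:
    """True only if every audited asset is served unchanged and nothing extra is served."""
    r = verify_deployed(served, manifest)
    return not (r["modified"] or r["missing"] or r["unexpected"])


# Constructed sample of what a live server might return: app.js is unchanged, vendor.js
# gained a line after the audit, index.html is absent, and an extra script appeared.
SAMPLE_SERVED = {
    "app.js": b"console.log('audited build');\n",
    "vendor.js": b"/* vendor bundle */\n// added after audit\n",
    "extra.js": b"// not in the audited repo\n",
}

if __name__ == "__main__":
    print(verify_deployed(SAMPLE_SERVED, AUDITED_MANIFEST))
    print("matches audit:", deployment_matches_audit(SAMPLE_SERVED, AUDITED_MANIFEST))
    print("SRI for app.js:", sri_hash(SAMPLE_SERVED["app.js"]))
```

Re-run the comparison periodically rather than once, since the comment's point is that a server (or a DNS record) can change after the audit; a scheduled diff against the audited manifest turns a one-time review into an ongoing detection.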