I support free and open source software (FOSS) like VLC, qBittorrent, LibreOffice, GIMP…

But why do people say that it’s as secure or more secure than closed source software?

From what I understand, closed source software doesn’t disclose its code.

If you want to see the source code of Photoshop, you actually need to work for Adobe. Otherwise, you need to be some kind of freaking reverse-engineering expert.

But open source has its code available to the entire world on websites like GitHub or GitLab.

Isn’t that actually also helping hackers?

  • Zangoose@lemmy.world
    23 hours ago

    You don’t need to have access to the source code (reverse engineered or not) to find security holes. However, people need to audit the source code to prove it’s secure.

    So, closed source software is maybe slightly harder to find flaws in for a malicious actor, but significantly harder for users to audit (because you have to rely on the word of the company publishing the software, or a 3rd party security auditing company, or reverse engineer the code yourself).

    Additionally, it’s harder for malicious actors to hide the existence of vulnerabilities they find. They can’t just not tell anyone what they find because the code is all public anyway. If people are looking at it frequently enough (i.e. if the project is still active), someone else will probably notice it as well.