
How would the vulnerability discovery work? Is the current code encrypted so that it can't be viewed?

My understanding of the process is that code is written in a language that must be compiled. After it is compiled, it is then "packaged" into an installer file, whose internals cannot be examined. After it is installed, it then consists of a directory full of files which help run the program, but these can still not be examined.

Is it true that the code cannot be seen at all these stages? No way to reverse engineer it?

And by open sourcing, an experienced person could see ways to break the code by causing infinite loops, creating false helper files, using a fake "mp3" file, etc?



Vulnerabilities can still be discovered in the compiled code, but they are easier to discover in the source code. Simply running a static analyser on the code will probably point out numerous possible vulnerabilities already.



