Barring the digital signature (which is only there to establish trust, and not restrict the use of the application), any new binaries being published in this fashion behave exactly the same as if they had been published by the original developer, without any restrictions. This, in turn, should give you greater trust that, because it is not possible for its developers to use the loose terms of other Open Source licenses to "hide" any piece of the final application, what you do see from the source is exactly what you get from the official binary, and you are always in a position to compare the binary you produce on your own against the official one, to confirm that there wasn't anything added in the compiled code, or any part for for which you don't have the full details.įinally, this also means that, should Rufus development cease altogether, you will never be stranded, as you would be with a closed source proprietary application (or a semi-open source application that still relies on closed source components), since the first developer interested can pick up the work exactly where it stopped and release updated versions of Rufus should they choose to. This is because, unlike many of its Open Source counterparts, the GPL license is not one that asserts that developers should have more "freedoms" than the application users, including the "freedom" to restrict them, or deny access to some of the feature-set from the official binary, be it by withholding some of the source, or by not giving users the ability to run their own modified version on the exact same set of devices as the original. When using the GPLv3 license however, which is what Rufus uses, such a restrictive behaviour is impossible. However, due to its use of a less user-focused BSD license, it is not possible for anybody but Apple to actually recompile a kernel from that source, and use it as a drop-in replacement for the "official" Mac OS kernel. For instance, you may be aware that Apple's Mac OS kernel is based on Open Source software, which sounds good at first glance. Thus, like all Free Software, Rufus provides you with the freedom to compile and run the same binary as the one you get from the official website, as opposed to a crippled version that may have parts missing. You will end up with a version that performs in the exact same manner as the one published by its author. This means that, should you be paranoid about running an executable which you did not compile yourself, on account that the person who compiled it may have added some hidden malicious behaviour onto it, it is always in your power to compile your own version of Rufus, from scratch, to ensure that nothing gets added.įurthermore, if you do have concerns about what the application might be doing behind the scenes, the Open Source nature of Rufus grants you the ability to study the actions of every single component, to validate that, just as we indicate, Rufus is not doing anything that isn't part of its official mandate.īut even better than that, Rufus is Free Software, as ensured by its GPLv3 license, which means that, as opposed to other more restrictive Open Source licenses (such as BSD, Apache, etc.), you are further guaranteed that, if you compile your own version of Rufus from the published source, it will not be missing any features (such as the ability to run it on the device(s) of your choosing) or have any restrictions compared to the "official" version. The first thing we will mention then, and as you may already be aware of, is that Rufus is Open Source. This page is therefore written to help you understand that, even if you think that not much is going on behind the scenes with regards to security in an application like Rufus, there is actually much more than meets the eye, and we hope that the pointers we provide on this page can help confirm for yourself, that Rufus simply cannot do anything nefarious without your knowledge. As such, an application that creates bootable devices, which is one of the most common usages of Rufus, must be be able to demonstrate to its users that it is beyond a shadow of a doubt regarding what it might write on the device. After all, it only takes a compromised bootloader to compromise a whole computer, regardless of the security software that may be installed on it. The purpose of this page is to describe the various security and safety measures that are employed by Rufus, with the aim of giving you, its user, some confidence that the application will never be trying to do anything nefarious or unwanted behind your back.Īs you should be aware, anything that can install code that runs as a bootloader also becomes a critical part of the chain of trust in computing.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |