this post was submitted on 02 Aug 2023
1620 points (76.5% liked)

Memes

45581 readers
1 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 6 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
1620
It's so nice to see them all growing, but this is just the truth, sorry. (lemmy.ml)
submitted 2 years ago by Samsy@lemmy.ml to c/memes@lemmy.ml
731 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] tired_n_bored@lemmy.world 3 points 2 years ago (10 children)

The good thing about open source is that I don't have to necessarily do that as there's a big community behind it. The thing that itches me is that even if I would, I couldn't be able to in the case of Sync.

To answer your question, not too long ago, and it did not require too much time. I could see what libraries were imported thanks to a tool and decided it was likely not sketchy.

[–] Catweazle@social.vivaldi.net 1 points 2 years ago (4 children)

@tired_n_bored @Stuka, the bad thing of FOSS is when it don't have a great community and an active developement, then it's also open for hackers. A normal user can't check if a somewhat bigger app has a dangerous script or an security hole, even if he has the source code. Nobody check it, not even devs, except if they want to fork it, less users which are convinced that it's synonym of security and privacy, it isn't, it's not the sense and proposit of FOSS.
Expl of a FOSS
https://www.virustotal.com/gui/file/60a309e91ba1039c3527053867e0e210ff2e18628a01acc264d82430e6436889/detection

[–] tired_n_bored@lemmy.world 1 points 2 years ago (3 children)

True, but we're talking about clients here. If hackers want to hack Lemmy they wouldn't be able to do that by looking at the source code of, let's say, Jerboa.

In general your observation is right tho, but still, I like to have control over my software. We all have different point of views and it's totally okay to live according to them, especially when it comes to something as shallow as which apps and programs to use.

I'd like to add that if a piece of software is vulnerable, it is vulnerable regardless of its openness. Surely hackers would have a more difficult time when it's closed, but it's a matter of time before it'll be exploited.

[–] Catweazle@social.vivaldi.net 1 points 2 years ago

@tired_n_bored, most secure if a FOSS is selfhosted, but only if you have and use an own server, for a lot of user because of this, it isn't an option when they don't have the needed trust to a third party server.
Anyway, it's very important, something nobody does, except me, to read the PP and TOS of a product, there are often bad surprises, independent if it's FOSS or not.

load more comments (2 replies)
load more comments (2 replies)
load more comments (7 replies)