People here’s take about why free software (“open source”) should be preferred, in my opinion (basically the OpenBSD’s opinion) is flawed.

You said “open source” is “good” because it permits having eyes on (“auditing”) and make sure there isn’t malware.

This is NOT the most important benefit. But it is flawed because, you guys don’t even have the knowledge to do coding. You guys are activist/“journalists” working for CIA. So you cannot audit the software yourselves.

Or “open source” but with a bad code style, how can you make sure the code doesn’t have backdoors? But I think hilarious journalists that is only smart enough to post fake news about how down is the Russia and China economy can’t even write bad code.

“open source” is good, firstly, because it permits auditing the source code and find the bugs, replace flawed/bad code with safer alternative (for example, the advantage of an open-source C software when porting to OpenBSD is they can replace every occurrence of strcat/strcpy with safer strlcat/strlcpy), sandbox it (on OpenBSD, with pledge and unveil), do privileges separation and revocation, etc.

And I think “you can make sure there isn’t malware/backdoors” is the second benefit, NEVER THE FIRST.

Conclusion: Do not blindly trust what is “open source” when you can’t even do code auditing.

  • scratchandgame@lemmy.mlOP
    link
    fedilink
    Tiếng Việt
    arrow-up
    1
    arrow-down
    2
    ·
    9 months ago

    Fine.

    I’m talking about people who only debate on matrix/reddit about why this privacy service is more trustworthy. Then when I told them to self-host they reacted aggressively.

    • diyrebel@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      9 months ago

      @loudWaterHombre@lemmy.dbzer0.com or @loudWaterEnjoyer@lemmy.dbzer0.com can audit for you.

      Seriously, that’s what you’re missing. Bob the non-coder can trust Microsoft not to plant spyware in MS products, or Bob can trust some portion of the public (limited to ~8 billion people) to audit the code. It’s easier to trust the public than it is to trust a corporation. It’s not just about quantity of eyes, but having eyes that are more aligned with your interests.

      • LoudWaterHombre@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        3
        ·
        9 months ago

        I’m sorry if I made the guy question his life so hard, he deleted his comments.

        You summoned me for auditing code? Call me crazy but I’m in, I would actually do it and hand out free threat level and security analysis for you specific use-case / system.

        I’ve been in the industry for 20+ years.

      • LoudWaterHombre@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        He actually did not delete his post.

        hey I have never deleted any comment

        perhaps I’m banned.

        In my shallow thought privacy communities nowadays can only whine when company do something harm their privacy. Few like you are much better, and should escape that community or do something to actually revise it.

        Your data is not private when you put on other’s hard drive. I thought europes are much well-educated than Vietnamese here… but they mostly can’t doubt on privacy policy. If I doubt, they call that conspiracy theories and I’m banned. I only think they are so naive. This is just a surprise for me.

        feel free to public this message

    • LoudWaterHombre@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      9 months ago

      Why are you attacking me then. There are dipshits all over the place in IT spectrum. You won’t see a lot of industry professionals chilling in matrix spaces debating noobs. You had one impression and now you are telling all of us to get a grip. I think you yourself should get some fucking grip.