Open Source is an interesting alternative, which adds the possibility of collaboration and customization in the development of the software. It allows developers to use the code or part of it for their own projects, and this naturally offers many advantages. Now, many times I read several clearly wrong opinions about it. OpenSource is more secure and more private than closed source, which is completely false; it is not. It is not the first time that I have discovered Trojans and other malware in OpenSource. It is true that a developer can review the code, although this is not always easy in very complex software with up to millions of lines of code, much of it also pointing to external scripts, which also require revision. For this reason, many developers do not do it, limiting themselves to changing certain code to adapt it to their needs or to create their own product. For this reason, security and privacy always depend on the activity of the creator / creators and the corresponding community, if any, to detect possible infiltrations by hackers, who also have access to the code of this software. The normal user, without great knowledge, has no possibility of verification, far from passing the product through VirusTotal or the AV that he uses. You must trust the product’s TOS and PP, in many cases not much better for privacy than other proprietary products. Of course, the free argument is also false: not all OSS is free; it can even have high costs. For this reason, I think that, to maintain the freedom and the great advantages that the OpenSource movement has, it is necessary to put an end to these mistaken opinions and to make users aware of the real value that this movement has, so as not to lead them to a field of disappointment.

Preferably use OpenSource, but like any other software, avoid blind trust and check the application before using it and, above all, always read the TOS and PP of the product; this avoids many annoyances. Avoid products without updates for a long time, which shows a lack of attention on the part of the developer.

  • @ZerushOP
    3 years ago

    I agree in part, and this is the point which I mean: that the purpose of OSS isn’t in first line security and privacy. Certainly they don’t have commercial interests (most), but it isn’t the norm; see the APIs of great companies, all of them are OpenSource, but with the function to track the user for commercial interests. The philosophy of OpenSource is the ability to share and the development of software in the interest of the user, but the last can exist also in proprietary soft of small companies or individual developers, who also offer a user-centred soft without surveillance. A good example is the famous app IrfanView, an excellent image/multimedia viewer and editor (freeware proprietary), which lacks real OpenSource alternatives with the same features. What really should be avoided are the big monopolies as much as possible; it is not necessarily so important that an app is FOSS or not. In general with this article I wanted to refute the many times seen opinion of FOSS = secure and private and closed source = garbage and spyware, which is deeply false and can lead to unpleasant surprises that I have also seen in the past, believing this, costing me a reinstallation of the OS due to an infected OpenSource app. They always require the same security measures before using them as any other soft.

    • ☆ Yσɠƚԋσʂ ☆
      23 years ago

      APIs being open doesn’t really mean the definition of open source. The code behind the API has to be available as well. The big difference with actually open code and small companies is that the latter relies entirely on trust.

      As a user I have to trust the company to do the right thing, and I have no way to verify that they do. There have been plenty of examples over the years of companies being exposed putting in backdoors, selling user data behind their backs, doing surveillance on the users, and so on. That’s a fundamentally flawed model for security. With open source the code is visible to everyone and while it’s possible to miss problems in it, it’s a system that facilitates independent verification which is a better starting point.

      It’s also worth noting that while small companies often produce decent products, they are also more likely to go out of business than large monopolies. This is also a risk for the user since the software they rely on will stop being supported at that point.

      I think closed source software fills a niche, and I use it when there aren’t good open solutions available. However, I prefer not to get invested in such tools and use open solutions when possible.