People’s take here on why free software (“open source”) should be preferred is, in my opinion (basically OpenBSD’s opinion), flawed.

You said “open source” is “good” because it permits having eyes on it (“auditing”) and making sure there isn’t malware.

This is NOT the most important benefit. But it is flawed because you guys don’t even have the knowledge to do coding. You guys are activists/“journalists” working for the CIA. So you cannot audit the software yourselves.

Or take “open source” with a bad code style: how can you make sure the code doesn’t have backdoors? But I think hilarious journalists who are only smart enough to post fake news about how down the Russian and Chinese economies are can’t even write bad code.

“Open source” is good, firstly, because it permits auditing the source code to find the bugs, replacing flawed/bad code with safer alternatives (for example, the advantage of open-source C software when porting to OpenBSD is that they can replace every occurrence of strcat/strcpy with the safer strlcat/strlcpy), sandboxing it (on OpenBSD, with pledge and unveil), doing privilege separation and revocation, etc.

And I think “you can make sure there isn’t malware/backdoors” is the second benefit, NEVER THE FIRST.

Conclusion: Do not blindly trust what is “open source” when you can’t even do code auditing.
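The hardening the post lists (strcpy/strcat replaced by strlcpy/strlcat, then pledge and unveil), sketched as an added example that is not part of the original post. The names ex_strlcpy, ex_strlcat, join_unsafe, join_safe and sandbox are hypothetical; the ex_ functions are stand-ins with strlcpy/strlcat semantics so the file also builds where libc lacks them.

```c
#include <string.h>
#ifdef __OpenBSD__
#include <unistd.h>   /* pledge(2), unveil(2) */
#endif

/* Stand-ins (assumption): same contract as strlcpy/strlcat, i.e. always
 * terminate and return the length the full result would have had. */
static size_t ex_strlcpy(char *dst, const char *src, size_t size) {
    size_t len = strlen(src);
    if (size > 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

static size_t ex_strlcat(char *dst, const char *src, size_t size) {
    size_t used = 0;
    while (used < size && dst[used] != '\0') used++;
    if (used == size) return size + strlen(src);  /* dst was unterminated */
    return used + ex_strlcpy(dst + used, src, size - used);
}

/* Before: nothing bounds the writes; out overflows if the parts are too long. */
void join_unsafe(char *out, const char *dir, const char *name) {
    strcpy(out, dir);
    strcat(out, "/");
    strcat(out, name);
}

/* After: every write is bounded and truncation is reported, not ignored. */
int join_safe(char *out, size_t size, const char *dir, const char *name) {
    if (ex_strlcpy(out, dir, size) >= size ||
        ex_strlcat(out, "/", size) >= size ||
        ex_strlcat(out, name, size) >= size)
        return -1;
    return 0;
}

/* Sandbox: read-only view of dir, then stdio + read-path syscalls only. */
int sandbox(const char *dir) {
#ifdef __OpenBSD__
    if (unveil(dir, "r") == -1 || unveil(NULL, NULL) == -1) return -1;
    if (pledge("stdio rpath", NULL) == -1) return -1;
#else
    (void)dir;  /* no pledge/unveil off OpenBSD: nothing is restricted */
#endif
    return 0;
}
```

The return-value check in join_safe is the part a mechanical search-and-replace port misses: strlcpy without it trades an overflow for a silently truncated path.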

  • ghu
    3 months ago

    When I install new software, sure, I don’t start auditing the source code, but the development of software is a process, and I trust that all the contributors and distributors have eyes on it and know what changes a release contains. It’s very hard to sneak shenanigans into popular repositories. And an opensource software can quickly lose the trust of the community and get replaced if it makes bad turns. In non-free software I don’t have this assurance.

    • @scratchandgameOP
      3 months ago

      I’m not recommending proprietary.

      I’m clarifying about the benefit of free software: The most important is permission to audit, fix bugs, sandbox it with pledge(2) and unveil(2), NOT “to make sure the software doesn’t carry malware”.

      And I’m raising an alarm: You guys are racing on “open source” but don’t actually audit the source code. Because you guys can’t even code and do not intend to become experts. So the benefit that you guys think is the most important becomes useless. Thankfully there are experts in your community to audit and fork whenever they want.

      > And an opensource software can quickly lose the trust of the community and get replaced

      (Such small open source projects shouldn’t care if they want to make quick money :) ) I think they wouldn’t care if they have malicious intentions.