• azimir@lemmy.ml
      link
      fedilink
      arrow-up
      14
      arrow-down
      1
      ·
      1 year ago

      This one’s not really new. It’s essentially the basis of the entire FSF manifesto and the purpose behind the GPL in the first place. If you don’t have the source code to your tech, you have no real idea what’s happening to your information while you use it.

      Adding a TOR layer on top of a black box OS might provide some privacy for your network traffic, but the system calls being called by the browser are inherently untrustworthy to begin with.

      Or, to sum up “Proprietary untrustworthy, open source more trustworthy,” which still isn’t as pithy as your quip.

      • zwekihoyy@lemmy.ml
        link
        fedilink
        arrow-up
        5
        arrow-down
        6
        ·
        1 year ago

        there is little difference between “open source but you need formal education to be able to dig through and understand the documentation and code” and closed source. open source is still better for ethical reasons but for 9/10 users, it’s not reasonable to check the source code and they are losing any potential “security” benefits that was provided.

        • CausticFlames
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          You are correct for open source projects with only a few maintainers… But with a project as big as linux, there are SO many people with that “formal education” (which doesnt really even need to be formal) that the amount of eyes on the codebase DOES benefit the normies who dont look at it.

          • zwekihoyy@lemmy.ml
            link
            fedilink
            arrow-up
            4
            arrow-down
            2
            ·
            edit-2
            1 year ago

            I 100% agree, I just think it’s dangerous rhetoric to push because you end up with normies that have been told “open source is more secure” and end up running any script they find on GitHub without having a clue how to audit what it’s actually doing. (this was me 5/6 years ago until I figured out what I was doing).

            this is the same reason I find people claiming that Linux is more secure than windows dangerous. I can exfiltrate data from the average Linux install much easier than windows. you can harden Linux to a much greater degree but if you don’t know how or that you even need to, you are in a much worse position.

            • CausticFlames
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              I disagree that you are inherently in a worse position simply because you dont know enough to take a peek at the code or harden things. I think that again, simply being such a massive project linux gives a trickle down effect to normal users. Even as a normie, you are safer on linux than on windows, full stop. As for github scripts, thats an entirely different subject because yes, open source CAN be dangerous still (just like proprietary can).