Open Source is an interesting alternative, which adds the possibility of collaboration and customization in the development of the software, it allows developers to use the code or part of it for their own projects, this naturally offers many advantages. Now, many times I read several clearly wrong opinions about it. OpenSource is more secure and more private than closed source, which is completely false, it is not, it is not the first time that I have discovered Trojans and other malware in OpenSource. It is true that a developer can review the code, although this is not always easy in very complex software with up to millions of lines of code, many also pointing to external scripts, which also require revision. For this reason, many developers do not do it, limiting themselves to changing certain codes to adapt it to their needs or to create their own product. For this reason, security and privacy always depends on the activity of the creator / creators and the corresponding community, if any, to detect possible infiltrations by hackers, who also have access to the code of this software. The normal user, without great knowledge, has no possibility of verification, far from passing the product through VirusTotal or the AV that he uses. You must trust the product’s TOS and PP, in many cases not much better for privacy than other proprietary products. Of course, the free argument is also false, not all OSS is free, it can even have high costs. For this reason, I think that, to maintain the freedom and the great advantages that the OpenSource movement has, to put an end to these mistaken opinions and to make users aware of the real value that this movement has, so as not to lead them to a field of disappointment.

Preferably use OpenSource, but like any other software, avoid blind trust and check the application before using it and above all, importantly, always read the TOS and PP of the product, this avoids many annoyances. Avoid products whithout updates for a long time, which shows a lack of attention on the part of the developer.

  • Halce@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    3 years ago

    The thing with ‘malware’ in free/open software is that you CAN (or somebody else will eventually) discover it, if such slipped by.

    There’s no such choice with closed-source, where the seller/corporation often serves you Trojans intentionally, unknown to you (for data collection), and then even asks you to pay often for such a spyware.

          • Helix 🧬@feddit.de
            link
            fedilink
            arrow-up
            0
            ·
            3 years ago

            Ah, right. That’s correct, of course. Just because more people can find bugs doesn’t mean they will.

              • Helix 🧬@feddit.de
                link
                fedilink
                arrow-up
                0
                ·
                edit-2
                3 years ago

                No, why? The probability of people.finding bugs rises as more possibly knowledgeable people have access to the code, but that’s not a guarantee to find all the bugs. See PGP bugs, branch predicition bugs, heartbleed etc.

                Basically I agree to what you said initially, some bugs have been around forever in spite of the code being openly available.