• themeatbridge@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    ·
    1 year ago

    Most people who use FOSS are not qualified to check source code for ill-intent (like me) and rely on people smarter than them (and me) to review the code and find any problems. FOSS isn’t automatically private, safe, and having good intentions, but if it isn’t, at least the code is transparent and the review process is open for all. Commercial software has no review, and zero transparency.

    • Freesoftwareenjoyer@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      True, but Libre software can be commercial. So you should instead say that the proprietary or non-libre software has no transparency.

    • Rose@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      1 year ago

      The problem is that quite often everything rests on that belief in someone else being there to check. Most of the time, even if some of the users are qualified to do it, they don’t have the time to go through all of the code and then be on it through each update.

      • themeatbridge@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Good point and worth considering. For the more popular stuff, though, it’s likely someone somewhere is looking at it, and even the threat of discovery is enough to discourage malfeasance. And in either case, it’s better to have the observability rather than a black box system with no possibility to check it.