Not discrediting Open Source Software, but nothing is 100% safe.

  • Completely missing the point. Collective action is what makes open source software accessible to everybody.

    You don’t NEED to be able to audit yourself. Still safer than proprietary software every way you look at it.

    • While I generally agree, the project needs to be big enough that somebody looks through the code. I would argue Microsoft Word is safer than some small abandoned open source software from some Russian developer.

        • That’s true, but I’m not a programmer and on a GitHub project with 3 stars I can’t count on someone else doing it. (Of course this argument doesn’t apply to big projects like LibreOffice.) With Microsoft I can at least trust that they will be in trouble or at least get bad press when doing something malicious.

          • I mean if a github project has only 3 stars, it means no one is using it. Why does safety matter here? Early adopting anything has risks.

            This is kind of a false comparison. If it has 3 stars then it doesn’t even qualify for this conversation as literally no one is using it.

      • rufus (@rufus@discuss.tchncs.de)
        1 year ago

        Ehmm. If nobody uses it, it kinda doesn’t matter if it’s safe. And for this example: I bet more people had a look at the code of LibreOffice than MS Office. And I don’t think it sends telemetry home in default settings.

      • This is actually changing thanks to the proliferation of SBOMs and projects like assured OSS.

        And either way you’re comparing apples to oranges. You trust Microsoft not because they’re closed source but because they set a precedent. Do you trust Meta’s apps or TikTok to not abuse their permissions? Everything else being equal would you trust a closed source fediverse server more than an open source one?