Closed Source is a Leash - AOS for Lemmy.World - A generic Lemmy server for everyone to use.

2411

Closed Source is a Leash

2d 13h ago by lemmy.dbzer0.com/u/ultimate_worrier in privacy@lemmy.ml

Why I Absolutely Require Free Software

Proprietary software is a scheme of power over users. When you cannot read the code, you cannot know what it does. The author can put in backdoors. The author can put in malware. It could be a federal honeypot. You have no way to know and no recourse when you find out.

Nonfree software takes away your freedom to control your own computing. The author decides when the product is obsolete. The author decides what features you get. The author decides when to start charging you for something you already depend on. That is not a software license, that is a leash.

Free software means I decide when a product is obsolete. I decide how it is provisioned, launched, updated, and phased out. The lifecycle and feature set are controlled by me. I can modify it to meet my requirements as they arise. I can study it, fix it, and share those fixes with everyone. That is what it means to respect the user.

Obfuscation is not security. It is the concealment of a compromised codebase by a compromised author. Closing the source is morally wrong and reveals the ulterior motives of whoever made that choice. Privacy is impossible without the ability to verify what software actually does.

I contribute to the free software toolchest because computing freedom is how you liberate people from tyranny. Engineers who are not interested in that project are engineers whose motives I do not trust.

tldr; This post started as a comment responding to a (IMO sketchy), closed source Dropbox clone on this community. That post was rightly removed. My reasons for requiring free software, especially in matters of privacy, are worth repeating.

That's not true, having a leash around my neck is usually fun.

I completely agree, although my first thought would be either an anchor or an albatross.

Either way, for me, to the best of my ability, for my life, it's either open source or the highway.

So you compile everything from source, yes?

Open source or not, binaries are only as trustworthy as the person compiling them and the system they're compiled on.

It's not about trusting the source code or binaries to not have malicious additions.

It's about protecting myself and other users from anti features, by modifying or forking the software of the need ever arises. If software ever adds tracking or telemetry, the community can either modify it downstream (i.e. the way many linux distros compiled out audacity's telemetry), or they can directly fork it.

There is no need to worry about vendor lock in to a proprietary ecosystem, because the option to exit is always there.

Oh, 100%. It's less about security and more about lock in.

For software of decent popularity, it can be compared to the same version built from source and often will be.
Reproducible builds are both a thing and becoming more common.
This is like saying to someone that it's pointless to have locks on their doors if they don't also have bars on all the windows and a moat.

Anything else? Would you like to see passport and blood tests too?

"Make it my way or you're concealing something" is a wildly self entitled take.

Your computer, your rules? Fine.

The part I don't buy is "closed source = compromised author with ulterior motives" and "engineers who don't prioritize FOSS are untrustworthy." You're automatically assuming mal-intent when there are 1000 other reasons why something might be closed source.

Maybe the code is ugly and the dev is embarrassed. Maybe there are dependency licencing issues. Maybe they want to get paid without you forking their shit. Maybe they don't want to deal with support and PRs from people who paid nothing but expect everything.

"Open source it or it's suss" is not a privacy argument, it's a purity test in a trench coat. And here's what it looks like in practice - a dev ships a no-account, no-tracking, Tor-capable file sharing tool, and gets told it's "spam" and "malware" for not being open source:

https://vger.to/lemmy.dbzer0.com/comment/26565282

https://vger.to/lemmy.dbzer0.com/comment/26561235

Prefer open source? Sure. Support it? Of course. "Demand" it as some sort of fealty oath? Yeah, nah.

If you don't want to use something, don't. Maybe stop accusing others of being secret agents because you don't like their license.

what software were they talking about ? the post seems to be removed.

It was a localsend / dropbox alternative. I'll see if I can find it. I doubt it was removed... I suspect the dev didn't want to deal with the pile on and deleted it.

Technically speaking all code is open source if you can read machine code.

Jokes aside, assembly hacking and cracking are great hobbies because they let you see through the closed source veil.

Are you somehow related to this community?