I’m not a programmer. I don’t understand code. How do I know if an open source application is not stealing my data or passwords? Google Play Store is scanning apps. It says it blocks spyware. Unfortunately, we know that it was not very successful. So, can we trust open source software? Can’t someone integrate their own virus just because the code is open?

  • @Serinus
    1 year ago

    I wouldn’t assume there are many people looking at most open source code. And even if there are, it’s not impossible to hide malicious code.

    Just because people can review it doesn’t mean they are reviewing it.

    It does introduce more risk of discovery though. Malicious code is easier to find, and there will be at least a username associated with it.

    • pjhenry1216
      1 year ago

      There are more people looking than there are elsewhere. And unless you’re suggesting the authors as being malicious (which can happen), most FOSS is reviewed. Especially larger ones. You can tell by the number of contributors. Smaller projects will surely be an issue, but popular ones do get reviewed, simply because many people want to be able to contribute.

      It’s almost certainly more than proprietary though. Like, all these risks still apply to proprietary.