by andy0x2a 1839 days ago
The claim of only using software that has source code available to audit never made sense to me.

Does he go through every single line of code on every single application he uses to ensure privacy? Does this mean he is an expert in the Linux kernel? And chromium, and sendmail...

Like I get it's great that these are open source, but it's really not realistic for someone to audit every single line of code in every software to be guaranteed that nothing nefarious happens. If a bad actor wanted to hide an RPC request, they wouldn't label it as _sendUserDataToServer(), so it would require quite a good understanding of the call stack on the functions you are looking at.

Just look at the Linux kernel, it's auditable but recently it came to light that a university had submitted nefarious code to it. Presumably that code passed code reviews, static analysis, and some sort of testing? Yet it still made it in. It's just not feasible to have 100% confidence that third party software is ensuring your privacy.

5 comments

My understanding is that it doesn’t answer all the risks you call out, it’s just that it is lower than the same risks and more for proprietary, non-OSS software.

If components are OSS then I have an easier time auditing. And perhaps I audit one section, and trusted people audit other sections and we can all run a trivial verification program.

Again, it’s not perfect, it’s just better. And it at least has the conditions for perfect review, while other methods do not.

To mirror fsflover's comment:

> Does he go through every single line of code on every single application he uses to ensure privacy? Does this mean he is an expert in the Linux kernel? And chromium, and sendmail...

You're misunderstanding it. You don't need to go over every line to benefit from the source being available. It's very rare for bad actors to publish outright malicious source code and just hope no one spots it. People who want to release malware just about always insist that you cannot inspect the source code.

Of course, it's possible to release good source code and also introduce malware into the official binaries, lying about it corresponding to the published source, but that's another matter.

> It's just not feasible to have 100% confidence that third party software is ensuring your privacy.

It's rare to aim for absolute perfection and absolute guaranteed trustworthiness. Insisting on Free and Open Source software is a pretty effective means of avoiding many forms of malware.

> Of course, it's possible to release good source-code and also introduce malware into the official binaries

Which is solved by reproducible builds.

Right, or source-based distribution of packages.

> but it's really not realistic for someone to audit every single line of code in every software to be guaranteed that nothing nefarious happens.

This is missing the point. Having the source code decreases the chance of having malicious software by allowing random people to read the code. Anyone can raise alarm if they see anything suspicious and it's easy to check such claims.

> Just look at the Linux kernel, it's auditable but recently it came to light that a university had submitted nefarious code to it.

...and it came to light because it is auditable. Short of rejecting digitalisation and returning to monke, is there anything better in terms of trust and security than using open source software?

By exposing your source publicly it only requires one person to check to provide herd immunity. It's game theoretically superior to providing source code for one-off audits on request.