[amazingamazing]

> but Waterfox has been out there long enough that I'd think someone would have picked up on it by now.

lol that doesn't mean anything. it's good that it's open source, but time unfortunately is not an indicator since it doesn't necessarily imply anything about the amount of those checking or the quality of said checks.

[echoangle]

Do you audit every software you run? Which linux distro are you running? What do you do before installing a package you want to use?

I wouldn't just install everything I find on the internet but at some point you have to be realistic.

[amazingamazing]

I'm not sure what your point is. I was just pointing out that duration of existence is not some sort of guarantee that there's no malware.

[echoangle]

The point was that there is never some sort of guarantee, unless you personally audit every single piece of code and build it yourself with a compiler you built yourself on a computer you designed yourself.

But having an established project with a long history and many users and external developers can give you some ammount of trust in the safety of it.