by Nextgrid 475 days ago
The threat model is completely different.

A big company tracking you generally does so in a fully algorithmic manner, with little to no human eyes on the actual data, and any individual's unauthorized access to such data is generally considered a Big Deal™ in these companies and grounds for instant termination.

Furthermore, these companies generally have good security controls that would be hard to subvert by a hostile attacker to release a malicious build or leak the collected data.

Finally there's also safety in numbers - you are statistically unlikely to be the "most interesting" person using a major company's software product such as Chrome, so even if someone managed to gain full unfettered access to the collected tracking data and/or is able to push a malicious update, it's very unlikely you will be the target.

A smaller project led by a lone developer or a small team of contributors lacks those various checks and balances, large security team, and the numbers of users, such that once breached you may very well be interesting enough for the attacker to actually take a personal look at.

1 comment

It is all also trust based, with plenty of examples showing that access was available despite all checks and balances supposedly being in place.

If it is trust based, I would rather trust someone who's open source and a privacy advocate than any corporation that will abuse the data as soon as it is profitable for them. But that is my choice that follows my priorities.

Even more so when the company - in the cited examples - already has a heavy conflict of interest when it comes to the service provided (Chrome tracking <-> Google Ads feedback loop that gives them an even higher unfair advantage).