by moooo99 233 days ago
I think the increasingly widespread attitude that only open source software is good and trustworthy is increasingly annoying and problematic.

Building software takes time and resources. Experience shows that most open source projects do not make enough money to make the resource investment worthwhile, much less the time investment.

I generally like people being able to put food on the table, and if that means I have to pay for their software to use it or get updates, then I am happy to do so if that software is of value for me.

That of course doesn't mean I appreciate unnecessary vendor lock-in, hostile subscription models, etc. All of these things are common with proprietary software, but they are not inherent to it.

Obsidian is a great example. Easy to takeout open formats, generous licensing model and no aggressive licensing implementation that makes it impossible to use the software offline. The team behind it seems to be able to make a living and people can still feel safe about the access to their notes.

Even if it's not open source, it would be great progress if we had more software like Obsidian.

9 comments

> I think the increasingly widespread attitude that only open source software is good and trustworthy is increasingly annoying and problematic.

Software being open source almost always makes it more trustworthy, and I'm glad that more people are picking up on this over time.

> I generally like people being able to put food on the table

Completely agreed, and this makes for a frustrating paradox.

I don't use Obsidian because it's closed source, but I don't think it's evil or anything. Conversely, I pay for Immich, and I hope their model is sustainable.

In theory, in practice it is obvious that too many eyes to the source keep missing CVEs.
Closed source also keeps missing CVEs, only most of them you never know because they aren't even making it to an officially released CVE. You usually don't even know what libs it uses and at what versions, never mind the proprietary code.

And then there's the closed source's Cloud part and its holes as well, which is a whole other can of worms.

I haven't said otherwise, other than the fallacy that being open by itself fixes those issues.
For me it's about running it locally/inside a WireGuard network, and not having the rug pulled. Not everything needs to be exposed to the internet.
Obsidian also has affordable commercial pricing. By now I very much try to pay support contracts or give back to projects in other ways at work.

The problem is that quite a few open core companies immediately go from $0 / year to low to medium 6-digit-figures per year. This escalates the entire project sky-high in levels of internal scrutiny with a high chance of it not happening.

On the other hand, it was simple to argue why this is easily providing us with $50 in value per year. Now it is integrated with our normal license handling and it's actually slowly and steadily growing internally. We're up another 4-5 users from the last time I looked.

In case you missed it, Obsidian is now free for work. The commercial license is an optional donation, similar to the Catalyst license.

https://obsidian.md/blog/free-for-work/

Yes. I have mentioned this internally, but my boss has agreed to keep it.
Always nice to see the CEO doing evangelism work. Keep it up my man :-)
> I think the increasingly widespread attitude that only open source software is good and trustworthy is increasingly annoying and problematic.

If people put their notes in, only open source software is good.

At best, one can tolerate a very big closed source company, who is unlikely to just do whatever with the data and has some track record for privacy, like Apple.

But trusting all your notes to a closed source app from a small peanuts company?

In this case the "closed source app" is using a very open and easy to parse format.

If Obsidian enshittified tonight so badly I had to stop using it, the only thing I'd kind of miss is dataview and bases.

And of those dataview is "just" parsing a bunch of markdown with javascript. Bases is a yaml format for displaying more markdown.

I'm pretty sure I could vibe-code some scripts over a weekend that cover most of my Obsidian use-cases and use any markdown-capable editor for writing.

That's why I use Obsidian (and stopped using Joplin, because - at the time - all my notes were in one obscure blob)

Same here. I have not found any open source option that does all of these: Nice user interface / App for both Mac and iOS / Automatic syncing.
> has some track record for privacy, like Apple.

Should we tell them?

I think they could easily make Obsidian open source without losing out on profits. The app itself is free anyway. They could keep the sync backend closed source and make people pay to use the sync feature.

Lots of apps have open-source clients (for trust/auditability) but backends that are closed/locked somehow, e.g., Logseq.

Obsidian is using Electron, so the source is already somewhat available anyway. I understand them not making it open source, and risking someone forking it and harming their business. But considering the situation, I would think making it at least source available on a popular forge, where people can make issues and open merge-requests, might be a beneficial thing.

There are a bunch of small problems people encounter here and there, which usually will never be solved by the company. Giving the community a route to improve their tool, would be good.

Does anyone know if it's possible to have a core which is unsandboxed, but load plugins which are sandboxed? This seems like a great solution if so.
This is one of the main use cases for WebAssembly outside of the browser.

I think we will soon see the ability to write plugins that can even run server-side of SaaS solutions.

The PKM I've been using lately, SiYuan, does exactly that, and I think their business model isn't bad: the client is fully FOSS, there are some client-side paid features with a one-time subscription (WebDAV/S3 sync "bring your own server") and some server-side paid features with a more expensive recurring subscription (cloud space provided by them).

I don't particularly like client-side paid features, but:

- The client is fully FOSS, you can just patch the license check out. In fact, there are some forks on GitHub that do just that and provide binaries, and the authors don't seem to care, they even acknowledged them on Twitter (https://x.com/b3logos/status/1928366043094724937).

- There are plugins to sync without a paid plan

This works out quite well for them: if you choose a fork or a sync plugin, you don't get the same support that paying users do, so many users still end up buying a license. But you don't need to, which makes the whole thing not user-hostile.

I have bought a one-time license myself, and I'm very happy that I'm supporting the development of a FOSS project.

The article is about security and trust. Open Source is in that context by definition the only good solution. Though, doesn't mean that a closed app has to be bad, but you have to blindly trust them, and hope that this will never change. With Open Source, you don't have to be blind, you can trust them educated (or at least trust that others will check what's going on).

Of course this is always a bit case by case, but Obsidian is a very exposed and worthful target.

> I generally like people being able to put food on the table, and if that means I have to pay for their software to use it or get updates, then I am happy to do so if that software is of value for me.

Paying money to Obsidian for writing yet another text editor seems like digging and filling holes to increase GDP to me.

Obsidian is a layer on top of https://codemirror.net/ -- they didn't write a text editor, really.
Phew, good thing it’s not a text editor.
Looks like one to me. A WYSIWYG text editor with hyper links. Like Emacs.
While I agree with you, I feel like that was not the point the author was making.

It more so was a warning that the combination of little-reviewed community plugins and a non-sandboxed macOS binary is a potential risk. And with that sentiment I can also agree.

That was my take too. I am less concerned with an app being simply closed source and much more concerned with closed source coupled with skipping review and the general approved distribution models on the two platforms.
It does not have to make money for people to do it as a hobby. Not everything people do is because of money.
Closed-source software is unethical regardless of any of your unsubstantiated claims on its or open-source software's security.
I hope you understand that ethics are not absolute. It's unethical for you, according to your ethical rules. Doesn't mean that this applies to other people's rules too.
Yeah, we're on a site where a large majority of users shamelessly work at adtech companies, and threads regularly pop up where people defend working at companies actively developing and selling exploits.

I am well aware of that, this is why I remind people that proprietary software is bad actually.

You wrote that "Closed-source software" is unethical, not "harmful software & services" is unethical. There is a significant difference. Don't shift your goal as you like.

Not all closed-source software is harmful; Obsidian here is a prime example of one which is not harmful and could be even considered as beneficial, despite being closed source, because of how open and supportive it's designed in everything else.

> Don't shift your goal as you like.

I was just confirming the point you made -- the definition of ethical is not absolute, and there are people that consider questionable things ethical.

> Obsidian here is a prime example of one which is not harmful and could be even considered as beneficial, despite being closed source

All proprietary software is unethical. It's as simple as that. No matter whether it's free or paid, no matter whether it's useful or harmful. If you have a right to use it but are deprived of the right to alter it, it is not ethical.

Why do you think it's unethical?
Depends on people, but for most it's mainly because Stallman says so.

You still have ethical ground if you think of it the same way as repairability: actively blocking ways to repair things you bought yourself is questionable, and keeping things closed source can be seen as a way to artificially prolong a strict dependence on your vendor by impairing your ability to resolve issues by yourself.

>Depends on people, but for most it's mainly because Stallman says so

No, for most it's because they evaluated a number of ethical, social, and technical concerns, and think so.

I will assume you're not trolling but that you just don't know what FOSS is about. Check this out: https://www.gnu.org/philosophy/free-sw.en.html
You don't have to be ignorant of FOSS to disagree with the statement that closed source software is unethical.
If you don't know the recipe for food, is it automatically unethical food?
Not disclosing the ingredients is illegal in a large part of the world, and people can die if you don’t do that, so the answer is clearly yes in some sense. This is also true for some cooking techniques, like heat treatment of raw meat. I think your analogy is not the best.
Not disclosing ingredients is more like not disclosing dependencies, because I am very confident that you can't go into a shop, buy a random food and then construct a recipe from the list of ingredients.
If the recipe is hidden, yes.

It's probably illegal too, as in many jurisdictions the public, or at least a health/food regulatory body, should know the process and ingredients.

Take into account allergens, and on top of a matter of public knowledge and health, it can also be a matter of life and death.

List of ingredients does not a recipe make.

It's like saying "Linux uses C" and now you instantly can copy Linux =)

As someone who also believes closed source software is unethical (though full of nuance), I don't appreciate the abrasive and combative (and frankly rude) way you are engaging on this. You're so epitomizing the rabid stereotype that part of me thinks you are just trolling and don't actually believe what you are saying.

If you actually care about this, stop alienating potential allies, and ideally start making arguments to support your case instead of telling people to RTFM (which in this case is even worse because "the manual" isn't as much of an authoritative mic drop as you seem to think it is).

This page gives no arguments why nonfree software is unethical.
This is the first paragraph after the initial quote defining "free software".

> We campaign for these freedoms because everyone deserves them. With these freedoms, the users (both individually and collectively) control the program and what it does for them. When users don't control the program, we call it a “nonfree” or “proprietary” program. The nonfree program controls the users, and the developer controls the program; this makes the program an instrument of unjust power.

It seems safe to say the author thinks that one creating "an instrument of unjust power" for oneself is unethical. Though, perhaps if the commenter in question pulled that quote out of the article, it could have helped their point.

I am quite thankful that thanks to unethical software I am able to pay my bills, instead of being like a street art performer hoping to get enough coins at the end of the day.

I was also a dreamer once upon a time, with M$ on my email signature and all that zealot attitude, then I had to support myself and face the reality that most supermarkets don't take pull requests.

Maybe that's because supermarkets would think a "pull request" is just shoplifting?
Many open source projects are written by people who are paid to do so. Just because you couldn't do it doesn't mean it's not possible.
From companies whose main business is selling unethical software.

Naturally I am not counting those, given that they are paid in tainted money as per OP's complaint.

I don't think GPL cares where the money is coming from - we're talking about closed/open source, not ethical business models. If we did, we'd have to also go over unfettered free markets and capital flow.
FOSS and GPL aren't exactly the same thing.

We are surely talking about ethics,

> Closed-source software is unethical regardless of any of your unsubstantiated claims on its or open-source software's security.

And in that regard, there is also something to talk about regarding some prominent figures in open-source world.

Try to get by with just open source software, I guarantee you won’t.
First of all, I do get by with just FOSS. Second -- whether you can or cannot get by without proprietary software has no relation to it being objectively unethical.