[jqpabc123]

Well, no; there's plenty of proprietary software without a human name

A human name is not required for legal accountability.

A human name is required in order to be legally employed.

None of this applies to open source in many (if not most) cases --- the subject one being an example.

[yjftsjthsd-h]

My point was more that there's plenty of software that is not FOSS and is also not published by an identifiable legal entity, traditionally appearing as freeware/shareware for Windows/macOS. And even if there does appear to be some sort of legal entity (human or company), how many people are going to check that a company even exists on paper before installing the random .exe from its website?

[jqpabc123]

My point was more that there's plenty of software that is not FOSS and is also not published by an identifiable legal entity

Yes, installing any software of "unknown origin" is a gaping security hole --- whether FOSS or not.

The fact that some people do dumb stuff does not negate the fact that a lot (if not most) FOSS fits in this category. Anonymous maintainers and contributors is pretty normal operating procedure which equates to zero accountability.

The common retort is, "Well, the source is available for review". But as this example shows, this is a very weak indicator of security or safety. A review is often not done before (or even after) distribution --- and certainly not with a malicious actor in charge.

[yjftsjthsd-h]

Okay, but your original claim was:

> Anonymity is the unique aspect of open source that opens the door for malicious activity without consequences.

If you'd like to amend to something like

> Anonymity, which is in play for most FOSS and a decent chunk of proprietary software, opens the door for malicious activity without consequences.

Then I wouldn't strongly disagree. I'm still a little skeptical, because people keep finding backdoors in non-FOSS software/firmware, of course, but it'd at least be a defensible claim. I'm only really objecting to the notion that this is unique to FOSS.

[Anonbrit]

There's tons of utter garbage commercial software. There's commercial software with intentionally built in backdoors and information stealing. Most of it gets zero accountability, nor do the sites that distribute it, nor the ad networks that find viewers for it.

Just like there's basically no reputational harm anymore for leaking all your users details for most leaks

[jqpabc123]

https://en.wikipedia.org/wiki/Whataboutism

[yjftsjthsd-h]

No, it's not whataboutism. You claimed that this was a problem unique to open source. Pointing out that the same results manifest in non-FOSS software isn't whataboutism, it's a direct contradiction of your claim.