this post was submitted on 02 Aug 2023
1660 points (76.1% liked)

Memes

45745 readers
1725 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] Prethoryn 38 points 1 year ago (4 children)

I don't understand the issue here?

You want open source and free software. You get that with a developer trying to make a living to improve upon a product like Jerboa. Jerboa works but by comparison to Sync it is rough. By rough I mean the UI is not the best, it needs way more time and polish not only looks nice but has extra features and functions to make it stand out.

With something like Jerboa you would donate money by choice but if your argument is free and open source you need to donate more money to support that.

Sync is popular because its closed source makes it harder to break the security aspect if you don't have all the access to source code. It is popular because it was a great app for Reddit and had that advantage. You know what people did to help the developer make a living and put more time into it? They supported it willingly by paying for extra features to help the dev and get more out of the money they were willing to spend.

I understand free and open source APIs being available and wanting more free and open source software to stay that way to make all things free and open. So support the apps you appreciate being free by willingly providing money which in return makes them not free.

If you want things to get better somewhat you invest in them. If they go belly up well then it was a bad investment. Sync is a fantastic app and it has the edge because it has a good developer and has had a good community who pays for it and supports it because things you love you will support. If you are a good developer you give more for that money provided.

The PS Mini literally used an emulator to play games. A free open source emulator that you could find. People still paid for a console that charged to use that open source software. Why? Because they loved gaming at home and the product.

I will pay for Sync because it makes a product better. A product that makes a newcomer leave Reddit and find Lemmy. An app that provides familiar and easy to use features. An app that has the edge that can make Lemmy a smoother experience. Just because something charges money, which by the way is an optional choice, and just because something is close sourced which by the way tends to be more secure doesn't make the product bad. It can bring more into the community.

If your issue with Lemmy isn't that it's FOSS but your issue with other platforms is that they run poorly or they need more polish well then you are arguing against yourself.

[–] turbo_snail 15 points 1 year ago (2 children)

Sync is popular because its closed source makes it harder to break the security aspect if you don't have all the access to source code.

Do I understand correctly that you mean, that closed source makes something more secure?

I believe that open source can be more secure because:

  • More people looked at the source code thus more bugs have been discovered.
  • Bad actors will get a hold of your code anyways. Especially mobile apps should be easy to reverse engineer.
  • Intentional backdoors are easier to hide in closed source applications.

There might be more arguments, but I think you get the point.

[–] Prethoryn 7 points 1 year ago* (last edited 1 year ago) (1 children)

Sorry for the lengthy TL;DR you are not secure by default or more secure by default either way. Both methods have their advantages and disadvantages. There is an article below. I don't like to really argue but have educational discussions. Arguments don't really help anything. Hopefully, this is helpful as the wall of text comes off like a rant but it isn't. However, interpret it as you will. Have a nice evening.

The real point is that security is tricky being open doesn't always mean you are more secure or for that matter any more private.

"bad actors will get a hold of your code anyway."

This is the equivalent argument of, "we should just make guns free and available to everyone because if a criminal wants a gun they will just buy one."

There is some truth in your argument that is undeniable and anyone who attempts to deny that is a fool. That isn't my point however. The point is that closing something doesn't also mean it is less secure because prying eyes have seen it. Close sourcing content can also mean less prying eyes while it is true more people see open source it means your code is also more vulnerable to an attack.

Android and iOS are proof that close sourced and open source content both have their benefits and cons. I am an Android guy all the way but it is true that there tends to be less malware on iOS than Android. At least that is how it seems.

It is true that bad actors are going to act badly but what is even more true is there are proper ways both open and close source platforms can exist securely. While I love Android and Apple may not be the best analogy because they have tons of devs and lots of money and we are comparing them to 1 dev and small amounts of money.

Just because something is closed source doesn't mean it's a problem or less secure if anything close sourced and discovering a problem can make it more secure because that product actively gets better or more secure when the problem does become apparent. The issue is how the problem appears.

Open source appears more secure because more eyes can see it and that means a vulnerability can be spotted before it occurs but that also means more prying eyes could also take advantage of that vulnerability before it is caught and that does and has happened.

The theme I see on Lemmy is that anything not open source is something to be afraid of but that is not always the case.

Because I like to educate and not argue here is an article worth reading. The issue is that open source can begin to get too hard to follow if not everyone knows what they are looking at.

Open Source Security

[–] turbo_snail 5 points 1 year ago* (last edited 1 year ago)

Thank you for your answer. I will read the article you linked.

I initially was just very irritated by your comment because it sounded like closed source is more secure in general.

Have a nice evening too.

load more comments (1 replies)