this post was submitted on 21 Oct 2024
406 points (98.8% liked)

Technology

59974 readers
5544 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

This is an update to a post that was previously shared in the community: Concerns Raised Over Bitwarden Moving Further Away From Open-Source

top 50 comments
sorted by: hot top controversial new old
[–] vzq 171 points 1 month ago (3 children)

Even if they are backtracking with egg on their face, this is good. Maybe better. Now they know they can’t get away with this stuff.

[–] [email protected] 143 points 1 month ago (1 children)

Not now anyway, now it's just laying in wait.

Every company does this, they put out a trial balloon, see how badly it tests, and then just wait for the right time when nobody notices. Usually during real crises in the world.

[–] [email protected] 81 points 1 month ago (2 children)
[–] [email protected] 16 points 1 month ago

Yeah it hurts but it is what it is.

Discerning consumer must vote for their wallets and educate

[–] [email protected] 11 points 1 month ago

I hate how right you are about them being right.

[–] just_another_person 42 points 1 month ago (4 children)

Man, I really hate seeing comments like this. I feel like I need to reiterate that BitWarden is NOT an open-source company. They are committed to providing open-source compatible products with their products. Two very different things.

If they feel their product is somehow lacking or affected by whatever they are packaging right now, they are completely free to change it. They also have no barriers to entry for users who wish to use another client.

It's really not a big deal.

load more comments (4 replies)
[–] morriscox 14 points 1 month ago (1 children)

Are they backtracking when they have stated that it's a bug?

[–] vzq 13 points 1 month ago (2 children)

That’s why I said “even if”.

“Even if” it’s not really a bug and they are backtracking, then [rest of comment here].

[–] BassTurd 9 points 1 month ago

I interpreted your comment correctly. Make sense to me in context of the OP.

[–] morriscox 1 points 1 month ago (4 children)

Even if they are backtracking with egg on their face

Your comment can be read in more than one way.

load more comments (4 replies)
[–] bulwark 94 points 1 month ago (3 children)

When I dropped LastPass I found Bitwarden and liked them mainly because of the open source. I pay them for the software so that it can remain free and open. If that stopped, I would also stop paying them for it.

[–] [email protected] 47 points 1 month ago (1 children)

Same here, I dont need the paid version. I pay so they can keep their free version free for peoppe who cant pay.

Knowing VC funding came and now this debucle got me spooked.

[–] ArtVandelay 16 points 1 month ago (1 children)

Same, I specifically paid for premium to do my part in ensuring they don't need VC funding :(

[–] [email protected] 9 points 1 month ago* (last edited 1 month ago) (1 children)

And now that you know they still took VC funding, are you still going to keep giving them your money?

Honest question, because I'm in your same boat and I know I'm not.

[–] [email protected] 3 points 1 month ago

TBD frankly... But i am ready to move if needed.

[–] [email protected] 12 points 1 month ago* (last edited 1 month ago) (2 children)

My renewal is coming up. I've been a premium customer for probably 7 years or so, I'm not renewing.

This wasn't a bug, this was a toe in the water to gauge the temperature.

Like it or not, this means they've chosen a path, and nothing is going to stop them from going down it. The only variable is the timetable.

[–] [email protected] 3 points 1 month ago (1 children)

Okay, I'm a bitwarden user who hasn't been online much in the last couple weeks because of school. Bit ootl. Wtf happened exactly?

[–] [email protected] 17 points 1 month ago* (last edited 1 month ago)

To borrow a phrase that is fast approaching cliche, the enshitification process has begun.

They sent out a trial balloon by updating licensing to move further away from an open source model, with a wide range of implications.

They've now backed off claiming "it was a bug", but it's not like their MBA's are business strategy wunderkinds. They're just rehashing the same old strategy, and going by the downvotes my comment received, there's still an audience that believes them.

But who are they kidding? This isn't going away, and when someone shows you who they are, you should believe them.

Like I said earlier, the only variable is the timetable. The destination is a foregone conclusion.

[–] [email protected] 0 points 1 month ago* (last edited 1 month ago)

well, it is up to you. me as premium user I am fine with their change and policy as long as Bitwarden does not mess up like Lastpass with data breaches and one active device policy.

[–] Badeendje 4 points 1 month ago

Yup, same here.

[–] [email protected] 42 points 1 month ago (3 children)

That tweet has such a clinical PR tone to it that is not helping put me at ease and im probably going to be moving my vault

Also this doesn't really fully address the issue as I understand it?

[–] [email protected] 23 points 1 month ago

That tweet has such a clinical PR tone to it that is not helping put me at ease and im probably going to be moving my vault

Calling open source a "licensing model" in particular sounds like MBA-speak.

[–] [email protected] 16 points 1 month ago* (last edited 1 month ago)

There is no issue here from Bitwarden POV, except the pushback they receive now.

Bitwarden got VC funding and the bell is ringing to bring the cows back in to be milked dry.

They are testing the water to see how people react, scale back a bit through whatever lies/PR, and will just wait for the right time to shove more shit.

This is a pattern we've seen over and over again.

[–] [email protected] 11 points 1 month ago* (last edited 1 month ago)

I know this is a completely separate thing, but something about the current redesign they're pushing is making me very uneasy, as well. It feels very much like corporate focus-grouped, iOS chasing crap, i.e not at all interested in the type of power user and FOSS types that initially embraced it.

Moreover, when someone asked for compact mode (again, as people have been asking for it from the beta for at least a year now), the response was some of the most PR shit I've seen from a FOSS developer.

They legitimately defined something as basic as compact mode as a "power user" thing that they're "considering". And routinely reinforced how much they "value" power users, whole also suggesting their robust search function.

A bunch of people had to demand the Android Beta app restore Quick Tile functionality because the dev team got in their heads it wasn't necessary to have a manual trigger for auto-fill.

Just feels like a lot of disconnect coming from the development side and its not inspiring confidence.

[–] b3an 24 points 1 month ago

Oh thank Christ. I was afraid this was Lastpass all over again.

[–] morriscox 19 points 1 month ago (4 children)

I'm not sure how it could be a bug but I notice a lot of complaining(1) and calls to move to KeePass. It reminds me of the complaining(1) about Windows and how everyone should move to Linux. Lemmy was itching to torch BitWarden. We seem to have a mob mentality, with little ability to consider possible explanations and multiple factors.

  1. I'm tempted to put bitching.
[–] [email protected] 28 points 1 month ago (3 children)

As a long time Linux + KeePass user:

FUCK Windows and Microsoft for everything they've done to the general public and open-source software with their shit. Yeah yeah they are turning around, but still fuck them.

I have no strong feeling towards Bitwarden, but I will never put my secrets into anything non-FOSS. And I sync it with my Nextcloud.

Stallman was right about software.

[–] [email protected] 2 points 1 month ago (2 children)

I thought bitwarden was open source?

[–] [email protected] 4 points 1 month ago

Was yes. They have introduced an "internal sdk" into all their clients with no available source code. That's what everyone's complaining about. They call it a "packaging bug", but in reality Bitwarden clients are just no longer open source.

[–] CarbonatedPastaSauce 2 points 1 month ago

Turning around in circles maybe.

[–] morriscox 1 points 1 month ago (1 children)

I don't disagree with you. It's just that it's not black and white. Your boss says no, you don't try to go around. My wife says that she will only use Windows, yes dear. I use Debian, Raspbian, Windows 10, and Windows 11. Windows 10 feels the most comfortable and has the best compatibility. But yeah, I'm not a fanboi.

[–] [email protected] 5 points 1 month ago (1 children)

My SO switched to Linux with their latest PC, since they don't need anything specific. Never even noticed much of a difference. They even play old games on it just fine.

I am in a priviledged position to not accept positions of work which hard-require Windows. I did work for companies with soft-requirements, but it was a corporate with solid Linux community, so they had workarounds for everything.

I'm not saying it's easy to live the FOSS dream, but if one has the priviledge, they should choose to do so.

[–] morriscox 2 points 1 month ago (3 children)

She knows Windows. I have thought of asking again but Linux isn't exactly known for user friendliness, no matter the distro and WM.

I agree with using FOSS when feasible.

load more comments (3 replies)
[–] [email protected] 10 points 1 month ago (1 children)

I'm still happy to use and pay for BitWarden. All I see are KeePass fanbois trying to throw shade at a company they don't like.

And KeePass is great, too, but it isn't going to be for everyone, and that's not an indictment of its quality or utility.

[–] [email protected] 3 points 1 month ago

Yeah, I am fine with their new policies as long as Bitwarden does not mess up with data breaches or annoying feature such as one active device policy like Lastpass.

[–] cybersandwich 4 points 1 month ago

Lemmy is hilariously reactionary and fickle. Never found a windmill that couldnt be tilted at.

I'm not sure why that still surprises me considering it's made up of a ton of people who self selected to leave a site in protest.

[–] [email protected] 4 points 1 month ago

Current Lemmy will circlejerk about the end of any company or product with the smallest nudge.

Every slightly negative post above a certain threshold of views will have comments about abandoning whatever thing it's about.

[–] [email protected] 16 points 1 month ago

Mirror of what xxkylexx, Bitwarden Developer, said on Reddit:

Hi, Thanks for sharing your concerns here. We have been progressing use of our SDK (software development kit) in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.

  1. the SDK and the client are two separate programs
  2. code for each program is in separate repositories
  3. the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3

Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.

From how I understand it, it appears they are saying that the bug was that it was possible to build externally.

[–] loanrangerofpeanuts 5 points 1 month ago (2 children)

I’ve been paying for proton mail for a couple years now. Decided to stick with Bitwarden when proton announced their password manager as I liked it more. Based on this fiasco I gave it a second look and so far I’ve been liking it. I haven’t committed to abandoning Bitwarden, but I’m certainly on track to.

[–] asap 12 points 1 month ago

They're not really comparable since Bitwarden has the source available for auditing and Proton Pass (server) does not.

[–] [email protected] 3 points 1 month ago

Heh, this is exactly what I went through today. I'm a paid Proton user, but ignored Proton Pass when it came out because I was already well-entrenched with BitWarden. Decided today to give it a real look. Generally pretty pleased with what I'm seeing, though I'm not entirely committed to shifting platforms.

[–] JASN_DE 4 points 1 month ago
[–] RustyNova 1 points 1 month ago

I wanted to check out bitwarden as a self hosted service, but looks like I better stick with good ol' keepass+Syncthing