• boolean@kbin.social
    link
    fedilink
    arrow-up
    54
    arrow-down
    11
    ·
    9 months ago

    install random third party software that may be sniffing or leaking information to remove shady features from windows that sniff and leak information.

    windows sucks.

    • killeronthecorner@lemmy.world
      link
      fedilink
      English
      arrow-up
      60
      ·
      9 months ago

      The app is open source so you can review the not-leaking-your-information that it does yourself.

      Windows on the other hand …

      • Kecessa
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        9 months ago

        I wonder how many apps this actually happens for, my guess is “way less than people think”

        • killeronthecorner@lemmy.world
          link
          fedilink
          English
          arrow-up
          11
          ·
          9 months ago

          That they leak information? I work in commercial software development and I have to do a lot of open source security reviews. The answer is: virtually none.

          Private, closed-source software on the other hand… If it could sniff your farts and send the smell to advertisers, it would; in almost all cases.

          • Kecessa
            link
            fedilink
            English
            arrow-up
            7
            arrow-down
            1
            ·
            9 months ago

            No, that people actually take the time to check the source code before installing them

            I’ve seen enough crypto scams to know that even when the code is public, people don’t bother… Heck, there are scanning tools for crypto that tell you how risky the shitcoins are and people still get scammed out of thousands of dollars!

            • cley_faye@lemmy.world
              link
              fedilink
              English
              arrow-up
              8
              ·
              9 months ago

              Not everyone have to check something. But there are people that do routinely check popular stuff, either on their own or for their job. Sometimes this raises issues, which are usually handled appropriately. Of course if you download a little unknown piece of software made by a single person and never advertised anywhere, you’ll have to do the job yourself. But anything semi-popular attracts enough attention to get some level of audit, at least because business uses a lot of open source. There are even businesses whose main product is auditing and developing open source, kind of like bounty hunters.

              And of course there are counter-examples, too. TrueCrypt got pulled out quite dramatically, and I’m not sure we know why even now. But the more sensitive the stuff, the higher the chance of it getting some level of investigation.

            • killeronthecorner@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              1
              ·
              edit-2
              9 months ago

              As a software user, you can either care about your privacy or not. Caring about your privacy and not either vetting what you’re planning to use or checking that someone else has before using it, is akin to sticking your hand in a fire to find out if it’s hot.

              Taking that analogy further, malicious open source software is kind of like a burning building. It only takes one person to raise the flag for it to spread pretty quickly through social media or other means that it is malicious. The whole community doesn’t need to acknowledge the fire for something to be done about it.

        • D_Air1@lemmy.ml
          link
          fedilink
          English
          arrow-up
          6
          ·
          9 months ago

          Yeah, but it is virtually impossible to read all code running on your machine. At the very least it is an option. While I personally wouldn’t search the code of random open source calculator app. I’ll be damned if I ain’t inspecting something like this.

    • purplemonkeymad@programming.dev
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      My reason for not using them is that they tend to be overly aggressive in what they remove. I only need a few reg tweaks and denying permissions on a few files. These often go whole hog and remove whole components, almost all apps etc. I actually use one drive, I don’t want its files also removed.