I’m not a programmer. I don’t understand code. How do I know if an open source application is not stealing my data or passwords? Google Play Store is scanning apps. It says it blocks spyware. Unfortunately, we know that it was not very successful. So, can we trust open source software? Can’t someone integrate their own virus just because the code is open?
There are some very good comments here. Here are a few to think on:
With FOSS, anybody can’t just modify the code that you use, say in my Lemmy instance. The code I run comes from the dev’s own GitHub account, and they manage the code that comes into the project - this doesn’t mean that the underlying code is immune to bugs any more than closed platforms though, just that more eyes can look for bugs and exploits.
With FOSS, I can fork a code base and publish that, like I have done with the Alexandrite UI for Lemmy. I could insert password sniffers in that code, and someone could build from that source - but the code changes that I have made are laid out for anyone to look at. Again, it doesn’t mean the base code is any better than closed, just that more eyes can look.