Continuing the discussion from Require Open Source for Password Managers
I don’t think Privacy Guides should enforce a strict FOSS-only policy in this category—in fact, in any category. This approach could lead to excluding good projects just because their client-side or full code isn’t open source. It doesn’t mean they’re falsely claiming privacy or security. For example, 1Password has proven its reliability. While there are many great FOSS projects, they don’t always surpass proprietary options in terms of features or UI/UX.
I believe we should list both FOSS and proprietary tools in each category, with the condition that proprietary options undergo at least yearly audits. We could also provide badges and information highlighting each project’s strengths. A tool that works well for one person might not suit another. Just because a FOSS tool is favored by many in the community doesn’t mean it’s the best choice for everyone who visits the Privacy Guides website, especially for those new to privacy concerns.
We shouldn’t limit people’s choices based on the preferences of a few. While we should definitely establish criteria for evaluating proprietary projects, we shouldn’t prevent them from being recommended altogether.
Note: I would definitely appreciate it if we could discuss this further in a new thread.