GOS or IOS

You do know that even the Pixel contains closed source code on the firmware level, right? And the hardware designs are closed as well.

So should we give up on GOS as well now because it's not perfect? Of course not. But this is the kind of nuance that you are lacking, it's just black and white with you, when reality is gray.

Furthermore, how many folks do you think actually read the code of open source projects they use, let alone having the time to do that AND the competency to discover a backdoor in a piece of complex code that they are unfamiliar with?

5 Likes

Some of those FOSS projects have little resources to keep out the bad guys. Apple has almost limitless resources to harden the OS. You can take issue with some of their practices but to just disregard it all is nonsense.

1 Like

That’s pretty tricky, regular people don’t have the time and the knowledge for that.

2 Likes

Agreed. There’s way too much groupthink over FOSS. Where most people don’t have the time and knowledge to check the code themselves. And assume / hope someone else is doing it instead.

An app could be poorly coded, or not really maintained but some zealot will say yeah but it’s FOSS so it’s still better. Umm no it’s not.

7 Likes

For those who do use GOS I have some questions. For Android Auto, does it have to be in an owner profile if I wanted to separate profiles? Can I get audio to come through Android Auto for phone calls or audiobooks?

App blockers: DigiPaws and Mindful

There’s timelimit/opentimelimit-android - Codeberg.org that allows setting time limits for the usage of Android phones/devices.

Not that I have tested, but it should work in any user installed with the Sandboxed Google Play. I really don’t think it needs to be the owner, though I test/ask to be sure, but this is as far as I am sure about…

I believe the keyword is that you can audit it, as in you have the capability to do so. How does one guarantee that the software running isn’t transmitting information? You could try to do network analysis and monitor packets going in and out, but with HTTPS you likely won’t even see what data is being transmitted. With proprietary software, there are no guarantees about privacy. A privacy policy indicates some level of what is collected, but some threat models should not assume that those who post that policy actually follow it (try searching “Apple privacy violations”).

Lastly with FOSS, there is also the possibility to fix it, as a right to repair so to speak. That isn’t to say it will be fixed, but a piece of software can be forked. This is not a guarantee of any kind it will be done.

This has nothing to do with UX and applications being useful. FOSS can be just as dumb, broken, pointless, insecure, privacy violating, malware ridden, and irrelevant as any other piece of code. It’s not free as in someone else must audit the code for you, it’s only free in that you’ve got the freedom to do whatever you want with it. At worst, it’s privacy through transparency (as shitty as security through obscurity), at best it will unlock the best way we currently have to know a piece of software is definitely private: auditing the code.

Until companies diligently follow their privacy policy, don’t constantly update it to be more invasive, or there is a cryptographically secure way to ensure applications don’t break the rules, FOSS is sadly the best way to shift from having 100% trust in running binaries to having trust in the code / blueprint itself. This isn’t to say some degree of privacy can’t be achieved without FOSS, but some threat models do not tolerate such trust.

EDIT: I know this was an off topic rant, but I keep seeing this hard divide between 100% FOSS and FOSS isn’t necessary, and I don’t think people are capturing the nuance in between.