On Sep 5, 8:45 am, Michael Wojcik <mwoj...@newsguy.comwrote:
Lasse Reichstein Nielsen wrote:
Most importantly, the source is available, so it will be impossible to
hide snooping code.
How many users will built it from source, rather than using
precompiled binaries, do you suppose?
Very few I suspect. There are two main benefits of open source code:
1. Other developers can use it for whatever purpose they choose and
can contribute changes that improve or modify it in useful ways.
Others can adopt those changes, or not.
2. Anyone can dig into the source to resolve bugs and determine
exactly what the code does - though clearly that is only going to be
undertaken by individuals with the ability and motivation to do so.
There are a number of claims already that Chrome reports stuff to
Google, I don't think the people who discovered that needed the source
to do so. They may use it for further analysis, or to build and
distribute a version that doesn't "phone home" (or phones a different
home).
And will refuse to install updates?
"Refuse"? Some may disable automatic updates, but I don't see that as
aiding Google's efforts to control the universe. It may leave those
users exposed to bugs and security issues, but no more than if they
disable automatic updates of any other application.
Many enterprises have automatic updates disabled so that they can be
centrally controlled, I don't see them getting pwn3d with sufficient
frequency for it to be an issue.
And will vet all of the source in the first place?
I think there are very few people who could draw any useful
conclusions from doing that, so whether or not a typical user does so
is neither here nor there.
The point here is that anyone who is interested can find bugs, errors
or other issues in the code. There are a number of agencies that have
become adept at finding bugs and security issues in closed source
applications, I imagine they will find it much easier with open
source.
--
Rob