this post was submitted on 29 Jan 2024
279 points (100.0% liked)

Technology

37712 readers
154 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Last week, I turned on my PC, installed a Windows update, and rebooted to find Microsoft Edge automatically open with the Chrome tabs I was working on before the update. I don’t use Microsoft Edge regularly, and I have Google Chrome set as my default browser. Bleary-eyed at 9AM, it took me a moment to realize that Microsoft Edge had simply taken over where I’d left off in Chrome. I couldn’t believe my eyes.

you are viewing a single comment's thread
view the rest of the comments
[–] wizardbeard@lemmy.dbzer0.com 11 points 9 months ago (3 children)

If no one is actually auditing that code, or somehow confirming that the binaries shipped by your package manager match what the code compiles to, then you're still playing a trust game.

Trusting in open source software devs rather than a capitalist corporation definitely makes sense, but it isn't some panacea for "safe, nonspying software".

Also, dependencies on linux absolutely include programs I don't want. They just tend to be less obtrusive terminal programs and libraries rather than full blown UI based shit. Less visible, but far easier to sneak under the radar.

is why the mostly trust :3 as always run code at ur own risk

and the utility programs thatr part of thhe dependencies r often there so its easier for devs to use depenancies, so they do sorta gotta be there !

[–] jarfil@beehaw.org 4 points 9 months ago* (last edited 9 months ago)

somehow confirming that the binaries shipped by your package manager match what the code compiles to

Indeed, that's why: https://reproducible-builds.org/

Right now, Debian seems to be leading with over 95% of packages being reproducible.

[–] msage@programming.dev 4 points 9 months ago

That's why I use Gentoo. I don't read the code, even just Firefox is absolutely bonkers, but being able to flag out parts of code just feels nice. I know it's not absolute, but -telemetry gives me a nice warm feeling inside.