• sub_ubi@lemmy.ml
    link
    fedilink
    English
    arrow-up
    57
    arrow-down
    2
    ·
    edit-2
    8 months ago

    It’s honest. You can trust Ljdawson with your lemmy data, I do, but that’s the nature of closed source.

    I don’t think the warning needs to be that big though heh.

    • Scrubbles@poptalk.scrubbles.tech
      link
      fedilink
      English
      arrow-up
      17
      arrow-down
      1
      ·
      8 months ago

      Exactly. On one hand, I have LJ whose app I’ve used for over 10 years and never had a problem with. On the other is an open source app I know nothing about and I’m not going to pour over code to inspect.

      LJ Burns me? I’ll find a new app. So far it’s never happened in the last decade.

  • Zagorath@aussie.zone
    link
    fedilink
    English
    arrow-up
    48
    arrow-down
    8
    ·
    8 months ago

    I find warnings like this rather amusing, because unless you compiled it yourself, even an open source application could secretly have malicious data-harvesting code added to it.

        • Zagorath@aussie.zone
          link
          fedilink
          English
          arrow-up
          2
          ·
          8 months ago

          Eh I think that’s fair. You don’t have to trust fdroid per se, so much as trust that they’re not collaborating with a specific developer. It’s a much, much narrower condition. (Or alternatively, trust in their competence to have developed a system that works, but not that they are doing things without being malicious, which is a worthwhile discussion, but not quite the same as the one we’re having here.)

        • Tier 1 Build-A-Bear 🧸@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          8 months ago

          Have I what? Read all open source code? I was replying to someone else, and not about any particular app. It’s just way harder to sneak something malicious into open source code than closed source, trust only gets you so far. It’s just common sense.

      • Zagorath@aussie.zone
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        8 months ago

        You can check the code for unintentional vulnerabilities, or intentionally added in by a contributor, but you can’t do anything about something intentionally added in later in the process by the person responsible for managing the build and distribution of the application.

  • eutsgueden@lemm.ee
    link
    fedilink
    English
    arrow-up
    38
    arrow-down
    1
    ·
    8 months ago

    Makes sense to be on that site, since a lot of Lemmy users are probably interested at least in part due to the FOSS nature of it. Maybe it doesn’t need to be phrased as a “warning” though, more just as an FYI. Seems like it could scare people away thinking it’s a data harvesting tool, but such is life.

    • Thann@lemmy.ml
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      20
      ·
      8 months ago

      There’s only two reasons to own something:

      1. To fuck someone over with it, or,
      2. To avoid being fucked by someone else with it.

      It is a warning and I think they’re being pretty gentle with this needlessly proprietary bullshit

      • eutsgueden@lemm.ee
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        2
        ·
        8 months ago

        That’s a very black and white way to look at the world but you do you.

        • Thann@lemmy.ml
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          7
          ·
          8 months ago

          “Proprietary software is bad” should be as controversial as “murder is bad”

        • Thann@lemmy.ml
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          8 months ago

          When the companies colluded to price fix, you get fucked for not having stockpiled

  • limerod@reddthat.com
    link
    fedilink
    English
    arrow-up
    35
    ·
    8 months ago

    The app does have ads(which may collect data) and it’s also closed source. They are not lying.

  • Mereo@lemmy.ca
    link
    fedilink
    English
    arrow-up
    29
    ·
    8 months ago

    It is logical. With open source software, the source code is out there for everyone to see how user data is being handled. But with closed source, you can’t, it’s a black box, so you have to trust the developer on how user data is handled.

  • kyle@lemm.ee
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    4
    ·
    8 months ago

    I mean yeah, it’s a closed source app. The most that could possibly be collected is your IP alongside browsing habits. Your ISP already does that and definitely doesn’t care who gets it, so anyone who is concerned already uses a VPN.

    • Rai@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      10
      ·
      8 months ago

      You can collect a helluvalot more than that. Take a look at Threads’ permissions. You can collect just heaps of user data if you’d like.

      • kyle@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        8 months ago

        Agreed, certainly possible, but I haven’t personally granted Sync permissions to anything except notifications.

  • ramble81@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    ·
    8 months ago

    So should you have that comment on every instance that you don’t own? Because whatever instance you join can collect all that information too even if the software is open source. A site owner can trawl the database and get all your private info that you supply too.

    • BradleyUffner@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      8 months ago

      The site owner could just modify the source code they run too. It’s not like, as a user, I can prove the server is running the same code that I can see in the public repo.

  • imaqtpie@lemmy.myserv.one
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    8 months ago

    It is what it is. When the app is this good, the warning doesn’t matter all that much. You can tell by the activity on this community that Sync is one of the most popular apps anyway.

    Btw, that’s the first time I’ve seen the redesigned join-lemmy site and it’s pretty slick imo. Not sure when they updated it, but it definitely didn’t look like that when I joined 😅

  • spiderman
    link
    fedilink
    English
    arrow-up
    3
    ·
    8 months ago

    while i think it’s not bad having this warning i can say sync’s a good app you can trust. maybe the only closed source lemmy app you can trust. the last time i paid for a closed source app, it went eol way before i thought. hope lj doesn’t do that 🙂.