Honestly, I sometimes do. I contribute to free software, file bugreports and most of the time have a look at the code to see if I can fix it myself and hand in a patch. I tinker around with brand-new niche ideas. More often than not my (larger) contributions are to small projects and not the large ones. It’s not my hobby to fix Firefox. I think there are a lot of people like me.
And for Linux distributions and something like the F-Droid you have some maintainers on top, who often review every patch and new version.
And that’s the issue. I totally understand that one does not want to look through tens of thousands of lines of code just to use a silly little app. Even if you can understand the programming language and even if you took your time to look into it, its really unlikely that one would find either malicious code or simply security relevant bugs just from skimming through it.
However, if everyone just relys on others no one actually checked it. Yes it is possible to look into OS code but that alone doesn’t make it better. There has to be at least someone to check it. The open source community is such a small one already.
It’s like buying a ticket for the train. There might be controls so almost everyone does it. But as soon as it gets common knowledge that there are never any checks some will start to not do so. And in case of software even if something gets spotted eventually it might have had enough time to cause serious damage
deleted by creator
Honestly, I sometimes do. I contribute to free software, file bugreports and most of the time have a look at the code to see if I can fix it myself and hand in a patch. I tinker around with brand-new niche ideas. More often than not my (larger) contributions are to small projects and not the large ones. It’s not my hobby to fix Firefox. I think there are a lot of people like me.
And for Linux distributions and something like the F-Droid you have some maintainers on top, who often review every patch and new version.
deleted by creator
And that’s the issue. I totally understand that one does not want to look through tens of thousands of lines of code just to use a silly little app. Even if you can understand the programming language and even if you took your time to look into it, its really unlikely that one would find either malicious code or simply security relevant bugs just from skimming through it.
However, if everyone just relys on others no one actually checked it. Yes it is possible to look into OS code but that alone doesn’t make it better. There has to be at least someone to check it. The open source community is such a small one already.
It’s like buying a ticket for the train. There might be controls so almost everyone does it. But as soon as it gets common knowledge that there are never any checks some will start to not do so. And in case of software even if something gets spotted eventually it might have had enough time to cause serious damage
deleted by creator