Replying to brito

One of my professional titles at some time was "Chief Expert for Open Source" for a very, very large company, so a few people tend to think I know a few things.

Nobody here will check the AOSP source code. Look at the malware injected into NPM packages that was exposed this week: it went for a long time without being noticed. You won't check the code for that suspicious distro either, so all we are left with is "trust".

I won't go further to try convincing you of my perspective, and I don't really care enough to look into their code to find vulnerabilities which would only be downplayed after being exposed.

The red flags are there (compromised hardware, suspicious funding). My time is better used supporting alternatives without such red flags.

Is it really worth promoting (for free) such dodgy projects?

Hanshan 3mo ago

exploits occasionally being discovered is open source working as designed.

"i don't care enough to provide meaningful details" is just a cop out.

bring receipts or stfu.


Discussion

brito 3mo ago

Go look at any car on the street, full of exploits. None of us need go after the software on those cars to prove a point.

That is quite unreasonable to use as an argument, unless you already know it and still try anyways.

Will keep replying, at least keeps nostr active.
