🧵 👆🏼 @Pantherina
3. Firefox does not vet all their extensions either. They tag those with "This add-on is not actively monitored for security by Mozilla. Make sure you trust it before installing". Take for example this well known extension:
@Pantherina
I agree, although there are three things worth mentioning:
The conventional Android is not that opensource. It is bundled with tons of proprietary Google stuff. That's why de-googled Android does not provide as smooth experience.
Android does not restrict you to "only OpenSource" components. WhatsApp for example is widely used and is not FLOSS.
🧵👆 @Pantherina
Yeah yeah, I know, we (i.e users) rarely exercise our right to read the code as they are sometimes large and complex and we might not even have the know-how as well. But unlike any proprietary code, in #FLOSS tools user have the complete right to inspect the code and then decide to use it or not. Good luck doing that with for instance Apple or Microsoft proprietary tools.
So let's also blame ourselves for not exercising our right to inspect such simple and small codebase.
@Pantherina
I'm sorry that this bug have happened.
But did you, or whoever faced this bug, "eat" it with your "teeth" though? No they didn't. Why? Because like any proprietary software, OpenSource tools also come with certain terms and conditions that user is expected to read, digest, understand, accept, and then utilize the tool:
One obvious fact that I though would never need to be reiterated (but here we are):
Almost all OpenSource licenses approved by OSI and/or FSF have "Disclaimer of Warranty" clause in one way or another. This is from MIT:
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
At some point we should understand and agree that PEBKAC is a real thing. Logic dictates not to blame Linux and hotdog, and instead understand the consequence of using unverified/unvetted software.