• drosophila@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    3 days ago

    Why would any of this be about you personally?

    Uh, hello? Do you want to think about why I wrote that? Do you need me to explain to you the idea that other users of the extension are mostly self interested but it is in their best interest to cooperate and share information if the extension is bad? That the greater the number of people with access to the source code the less likely it is that some subset of them could cooperate against some other subset? And therefore the more people looking at the source code there are, the less you have to trust any single person? You know, the same reason you won’t follow a single person into a dark alleyway but are comfortable standing in a crowded street? Because the first subset being “everyone”’ and the second one being “only you” is an extreme case that is basically impossible to happen, just like the Ohio conspiracy? Do you understand what a negative example is or are you gonna comment back “wow I can’t believe you think Ohio doesn’t exist and everyone in the world is out to get you, you must be a paranoid schizophrenic”?

    I honestly can’t take you seriously when this is your view of security

    This is the view of the majority of people that work in netsec. There’s a general sentiment that we should be reviewing code more, relying less on single-developer projects, and getting reproducible builds for everything, but nobody serious thinks that access to source code is a bad thing and usually it’s regarded as a positive.

    So in that sense uBlock is kinda bad because Gorhill does the vast majority of the work, but it would be even worse if it was closed source on top of that.

    "we caught em once so the system works”.

    As opposed to your system where you throw your hands up and say “you’re screwed either way, nothing you do matters, just admit it and give up!”, which has famously done so much good in the world.