I hope this gets discussed, I'd be interested to hear what people think.
Personally, I am still more afraid of security implications of closed source products. It's impossible for me to understand my Office 365 privacy settings (and they change regularly and automatically anyway), and I worry I may be inadvertently violating client confidentiality just by using e.g. Word with grammar check on. I also use e.g. AWS and backblaze and have no idea what snooping is done, even if everything is encrypted.
I use some products that require github permission for integration. Calendly seems to ask to be able to read my calendar (I opted to schedule meetings manually). Etc etc. There are so many examples of companies mandating that I trust them.
Re open source, I'm less concerned about core things I use as I am about new "open source branded" companies that are not really community products and send usage updates or other info without asking, and are set up to be monetized.
There is always the change of an actual "malicious" virus / trojan or whatever you want to call it, but I'm more concerned about what the companies involved are intentionally doing as part of their "business model"
I hope this gets discussed, I'd be interested to hear what people think.
Personally, I am still more afraid of security implications of closed source products. It's impossible for me to understand my Office 365 privacy settings (and they change regularly and automatically anyway), and I worry I may be inadvertently violating client confidentiality just by using e.g. Word with grammar check on. I also use e.g. AWS and backblaze and have no idea what snooping is done, even if everything is encrypted.
I use some products that require github permission for integration. Calendly seems to ask to be able to read my calendar (I opted to schedule meetings manually). Etc etc. There are so many examples of companies mandating that I trust them.
Re open source, I'm less concerned about core things I use as I am about new "open source branded" companies that are not really community products and send usage updates or other info without asking, and are set up to be monetized.
There is always the change of an actual "malicious" virus / trojan or whatever you want to call it, but I'm more concerned about what the companies involved are intentionally doing as part of their "business model"