
muck


2 hours ago, muck said:

Title..

The tool looks awesome, but I feel sad for everyone taking for granted this tool can be blind-trusted ... It's totally closed-source, haven't seen any thorough audit on it (actually haven't found any security audit other than those useless VirusTotal scans)...

So... where's the source code? I'd gladly buy a licence if it was open...

It's OK, the tool is closed source, there won't be a source code release, don't use it, and don't buy a license for it, don't be sad :).

jaclaz

 
 


muck, that argument, as flawed as it is, can be said for the majority of commercial software available.

You can always compare what this tool does to the system by looking at the image files and registry before and after the modifications. There are tools for that.
Also there is sfc /scannow to confirm that kept files are in their original form.

Let's compare it to some popular closed-source commercial application, let's say an antivirus which constantly scans all you do, how is that so trusted by millions of people every day?
And regarding open source having any guarantee, do you remember the TrueCrypt fiasco? It was (is?) an open source disk encryption tool, then after a few years it turned out it had a backdoor so they gave up on it.

If you find something suspicious feel free to ask, I didn't build that trust since 2004 by spreading malware.

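The before/after comparison of image files suggested in the post above, as an added example that is not part of the original thread or of the tool under discussion. It assumes the image is mounted at a directory; the sample tree and file names are constructed, and registry comparison is not covered.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            manifest[os.path.relpath(full, root).replace(os.sep, "/")] = digest.hexdigest()
    return manifest

def diff_snapshots(before, after):
    """Classify paths as added, removed or modified between two snapshots."""
    common = before.keys() & after.keys()
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }

def unexpected_changes(diff, expected_removed):
    """Everything the customization was not asked to do: any addition, any
    modification, and any removal outside the expected set."""
    surprises = [("added", p) for p in diff["added"]]
    surprises += [("modified", p) for p in diff["modified"]]
    surprises += [("removed", p) for p in diff["removed"] if p not in expected_removed]
    return surprises

def demo():
    """Constructed tree standing in for a mounted image (not real Windows files)."""
    files = {"Windows/System32/kept.dll": b"original",
             "Windows/System32/component.dll": b"to be removed",
             "Windows/notepad.exe": b"editor"}
    with tempfile.TemporaryDirectory() as root:
        for rel, data in files.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        before = snapshot(root)
        # Simulated run: one requested removal plus one change nobody asked for.
        os.remove(os.path.join(root, "Windows/System32/component.dll"))
        with open(os.path.join(root, "Windows/notepad.exe"), "wb") as fh:
            fh.write(b"editor+extra")
        after = snapshot(root)
    diff = diff_snapshots(before, after)
    return diff, unexpected_changes(diff, {"Windows/System32/component.dll"})
```

On a real image, take `snapshot()` of the mounted directory before and after the modifications and review whatever `unexpected_changes()` returns.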

muck, I do appreciate the feedback, but I don't see the solution for that amount of paranoia and idealism, it's simply not practical.
Since I have extra energy and this topic is interesting, let me dig myself in a hole (from your perspective) some more :)

So as far as I have gathered, correct me if I'm wrong:
you use only open source software that you review (or wait enough time for others to review) and compile yourself on each update?

And we concluded that even open source is not safe. Not to mention that the majority of Windows users will use pre-compiled binaries, even there anything can be injected regardless of open-sourceness.
Some open source software also has autoupdate - do I even need to comment on that?

It is my personal opinion that you are in the vast minority.
As jaclaz said, this tool is not for you, I believe you can find a ton of scripts that do similar work to some extent.

Why I don't go open source? Because a tool called RT7lite stole everything from my previous tool and bloated it up so it looks to noobs even better (was semi-open source, .NET C#).
So I decided to at least make it a bit more difficult for those kinds of scum. Granted, over the years they collapsed under the maintenance weight and gave up, but I have no time for that kind of turmoil, nor do I want to upgrade competition for free.
Also I don't see open source breathing quality, quite the opposite. It is my personal experience that closed-source is generally better. Could be due to open-source vision fragmentation, lack of unique management, more funding on the opposite side, whatever it is, it's not as obvious a choice as you present it.


1 hour ago, nuhi said:

Also I don't see open source breathing quality, quite the opposite. It is my personal experience that closed-source is generally better. Could be due to open-source vision fragmentation, lack of unique management, more funding on the opposite side, whatever it is, it's not as obvious a choice as you present it.

That is not a valid point.

A good, serious dedicated developer (or team of them, if well managed) will produce valid, working, "quality" software.

A lousy/lazy, "volatile" developer - particularly "script kids" - and the "wannabe Steve Wozniak" [1] (or a badly managed team of them) will produce crappy, convoluted, not properly working software.

How the result is licensed is independent from "quality".

jaclaz

[1] Please read as "wannabe Bill Gates" or "wannabe Steve Jobs", those programmers likely don't even know who Steve Wozniak is.
 


jaclaz, the point was that open-sourceness allows for outside contributions and thus fragmenting the vision, pulling to the side if you get a nice contribution of code that works.
Even if that hypothetical dream team's branch of code ignores all else and continues working on its own; still, to the public, there would be fragmentation.
For example what influenced me was the Media Player Classic HC and BE editions. Always used HC, then after it began branching BE, I liked some added features in it, but HC was more stable at the timespan I tried both so I was forced to wish for BE and continue using HC.
Someone might merge them from time to time, BE even split its most interesting video output layer as a plugin for HC, but bug-fixes and all the potential mess is unavoidable, all delayed going from branch to a branch.
Similar happened to the Android and all the HTC/Samsung garbage on top, delaying the important OS upgrades.
At least now Google is banking on it and charging premium for Pixel's "get updates fast, straight from us".
I still like Samsung's Edge more as a device, and now I'm fragmented once more what to use, merging would be best :). But Cyanogen Mod, aka Lineage OS will now get less love, and it doesn't support newest hardware perfectly.

Anyway, it was just my opinion and I said "in general", there are always exceptions. I ain't an expert in open source, I was just asked why not go that route from my limited view of it.

Edited by nuhi
Mobile comment

I perfectly understand the point you were trying to make :).

Only, it doesn't apply.

Let's take good ol' nlite.

You wrote it.

You maintained it, fixing the bugs and introducing the little fine tunings users suggested.

The thingy is/was solid enough and good enough.

This ONLY happened because you are NOT a lazy/lousy programmer.

You did not make any money from it, all the non-commercial people were happy to use it even if it was closed source, most of the commercial people used it nonetheless even if it was explicitly prohibited, the few honest people were deprived to use it in a commercial environment.

What would have happened if you decided to open source it?

Nothing much, the same people would have used it, with the addition of a few people more.

Maybe one or two wannabe programmers would have forked it, probably creating a "monster" with a zillion more options, some of which would have worked only on wednesday nights IF there was a full moon.

Nothing much overall, but in any case the quality of your program wouldn't have been different.

jaclaz
 
