• Dessalines
    link
    fedilink
    27
    edit-2
    1 year ago

    Be aware that this is a closed source app, and since lemmy doesn’t currently have proper oauth, that it could potentially be storing your login creds. Be very wary of any lemmy app that isn’t open source.

    • @figaro@lemdro.id
      link
      fedilink
      21
      edit-2
      1 year ago

      That said, this dev is a legend and has been around for over a decade. His reddit app was monetized directly through buying a pro version of the app.

      • Refurbished Refurbisher
        link
        fedilink
        81 year ago

        I’m a big fan of trustless computing, which requires apps to be open source, or at the very least, source available.

        Trust and security just don’t mix in my eyes, since supply chain attacks are much easier when using a trusted platform vs a trustless platform, where it’s still possible to perform a supply chain attack, but since there are more eyes on it, it is much harder.

        • @can@sh.itjust.works
          link
          fedilink
          2
          edit-2
          1 year ago

          If it ever gets sold to a big corporation I’ll feel the same way but as it stands it’s been developed by one guy who has gained my trust over a decade.

          I understand there are inherent risks in that and I approach it on a case by case basis.

          • Dessalines
            link
            fedilink
            71 year ago

            A trustworthy person doesn’t require you to trust them; they don’t keep secrets from you, and are an open book. Beware anyone asking you to “just trust them”, which is what the authors of all closed source software demand of you.

            • @can@sh.itjust.works
              link
              fedilink
              2
              edit-2
              1 year ago

              I see your point but unfortunately I don’t think his patreon can cover costs as well as a “premium” version of his app will. You know more about open source than me (obviously) so what would stop someone from taking his code and making a free app with the premium features? Are you against his entire business model, the nature of the code, or both equally?

              For the record I am glad to see many good open source apps like Jerboa.

              • Dessalines
                link
                fedilink
                51 year ago

                There’s nothing preventing him selling the app or a premium version, while still open sourcing it. Free as in freedom, not as in beer. Open source makes no demands or says anything about how you choose to monetize.

                Someone releasing a fork nowadays seems even more difficult than downloading an unlocked apk anyway. If they want your app for free, they’ll get it.

                • @can@sh.itjust.works
                  link
                  fedilink
                  31 year ago

                  Your last point really does seal it actually. If people want it you can’t prevent them from finding a way. But in this specific case I’ll still support it since I’m sympathetic to how he was betrayed by a corporation.

    • @erwan@lemmy.ml
      link
      fedilink
      51 year ago

      An Open Source app that you don’t compile yourself after reviewing the source code has the exact same risks.

      There is no guarantee that the version of Jerboa you install from the Play Store corresponds to the source code you see on GitHub.

      • Dessalines
        link
        fedilink
        131 year ago

        It’s also on f-droid, which does their own builds, and you could also compare the build with one you do on your own machine. So no, you don’t have to trust me.

    • Refurbished Refurbisher
      link
      fedilink
      31 year ago

      This is kind of where I’m at. Using Jerboa (thanks for that, btw) rn, and probably going to switch over to LemmInfinity once that’s more stable.

      • Dessalines
        link
        fedilink
        61 year ago

        There are some ideas for it, and a PR which puts some of them out there, but not anytime soon.