292
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 09 Jan 2025
292 points (100.0% liked)
Fediverse
30297 readers
594 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 2 years ago
MODERATORS
They can do whatever shit they want with their instance and believe whatever they want. The software they make provably doesn't have any more biases than any other software. As long as that's the case, I'm fine.
Maybe there's something in the codebase that sends all our data to North Korea... who knows.
We do, because it’s open source
Have you read all the code though? Everyone assumes that somebody else will read every single file of the source code, and understand it all. Malicious code can be obfuscated.
Personally, no. However the technical lead of our instance has, and in fact wrote and debugged some of it.
Even a technical lead of an instance may not have read every single line of code because codebases these days are pretty large. Typically you might look at the code you're working on, but not necessarily the entire codebase.
Hopefully Lemmy doesn't have anything malicious in it, but it's possible to sneak malware into open source projects. This sort of thing happened to XZ Utils last year.
If you are worried about the Lemmy codebase, there is https://piefed.social/
It's still another codebase you need to trust, but in this case the devs don't have specific political views
Yeah I've heard of that, maybe I should look at it more. Hopefully the Lemmy codebase is fine though. I'm just saying it's possible, even if perhaps unlikely, that something could be lurking in the code which nobody has discovered yet. The XZ Utils backdoor was well-hidden and happened to be discovered, but maybe malicious code isn't always discovered.
Next time, do something like suggesting that vaccines don't work, to entertain me.
I'm not raising a conspiracy theory point, I'm raising what is surely a valid point: everybody assumes that someone else will read all of the source code and understand it all.
Codebases are large, and malicious code can be obfuscated. Hopefully Lemmy's code is fine, but I definitely don't know for certain that it's completely clean. I just hope that it is.