Exactly. On one hand, I have LJ whose app I've used for over 10 years and never had a problem with. On the other is an open source app I know nothing about and I'm not going to pour over code to inspect.
LJ Burns me? I'll find a new app. So far it's never happened in the last decade.
I find warnings like this rather amusing, because unless you compiled it yourself, even an open source application could secretly have malicious data-harvesting code added to it.
You can check the code for unintentional vulnerabilities, or intentionally added in by a contributor, but you can't do anything about something intentionally added in later in the process by the person responsible for managing the build and distribution of the application.
Makes sense to be on that site, since a lot of Lemmy users are probably interested at least in part due to the FOSS nature of it. Maybe it doesn't need to be phrased as a "warning" though, more just as an FYI. Seems like it could scare people away thinking it's a data harvesting tool, but such is life.
It is logical. With open source software, the source code is out there for everyone to see how user data is being handled. But with closed source, you can't, it's a black box, so you have to trust the developer on how user data is handled.
I mean yeah, it's a closed source app. The most that could possibly be collected is your IP alongside browsing habits. Your ISP already does that and definitely doesn't care who gets it, so anyone who is concerned already uses a VPN.
It is what it is. When the app is this good, the warning doesn't matter all that much. You can tell by the activity on this community that Sync is one of the most popular apps anyway.
Btw, that's the first time I've seen the redesigned join-lemmy site and it's pretty slick imo. Not sure when they updated it, but it definitely didn't look like that when I joined 😅
So should you have that comment on every instance that you don’t own? Because whatever instance you join can collect all that information too even if the software is open source. A site owner can trawl the database and get all your private info that you supply too.
The site owner could just modify the source code they run too. It's not like, as a user, I can prove the server is running the same code that I can see in the public repo.
while i think it's not bad having this warning i can say sync's a good app you can trust. maybe the only closed source lemmy app you can trust. the last time i paid for a closed source app, it went eol way before i thought. hope lj doesn't do that 🙂.