Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Look at the source code, particularly anything that executes processes or calls out to a server
-
mt3o19136yIf you don't want to read the source code, you can take the usual black box approach. Tcpdump, netstat, strings, strace, debugger... You know, the real difference is that you are legally allowed to check this stuff with open source software. Commercial softwares EULA treat reverse engineering attempts illegal.
This was one of the reasons the Opensource movement was founded by Richard Stallman. -
@mt3o woah. I have rev. engineered a few commercial software recently. Did know that this is illegal. "As long as I am not modifying it for the bad, I should be fine" was my motto. But damn...
-
Ederbit7266y@segfault0xff That's quite hard isn't it. A millon lines of code and somewhere is a backdoor. I wouldn't trust me to notice it.
-
mt3o19136y@-ANGRY-CLIENT- it doesn't matter if for good or bad.
Did you know that you are not allowed to design weapons of mass destruction on Apple computers? EULAs prohibit that.
Related Rants
Let's asume I wan't to use software X. I notice software X is open source.
How do I validate that said software doesn't do shady stuff?
Is there some kind of platform which lists the audits of each software or alerts the internet if shady stuff happens?
I know about alternativeTo.net, where you can find software alternatives with licencing filters. (Which is great btw) but I'm missing proper validation of open source software...
rant
auditing
open source
validation
foss