
You say that like open source isn't also an illusion of trust.

The reality is, there's too much to verify, and not enough interest for the "many eyeballs make all bugs shallow" argument.

We are, all of us, forced to trust, forced to go without the genuine capacity to verify. It's not great, and the best we can do is look for incentives and try to keep those aligned.



Open source is like democracy. Imperfect and easy to fuck up, but still by far the best thing available.

Apple is absolutism. Even the so-called "enlightened" absolutism is still bad compared to average democracy.


Open Source is how that XZ hack got caught.


Selection bias — everyone only knows about the bugs that do get caught.

I was one of many who reported a bug in Ubuntu that went un-fixed for years, where the response smelled of nation-state influence: https://bugs.launchpad.net/ubuntu/+bug/1359836

And Log4Shell took about 8 years to notice: https://en.wikipedia.org/wiki/Log4Shell


And we have no idea how many such bugs are lurking in closed-source software.

Thanks for making my point for me.


You've missed my point if you think I've made yours for you.

I'm not saying closed source is a silver bullet.

I'm saying OSS also isn't a silver bullet, it doesn't find everything because there's not enough interest in doing this work.

The Log4j example alone, given it took 8 years, is enough to demonstrate that.

Everything is an illusion of trust, nothing is perfect; all we can do is try to align the interests of those working on projects with the interests of society — which is so hard that it's an entire field of study called "politics".


I don't agree with relying on the many eyeballs argument for security, but from a privacy standpoint, I do think at least the availability of source to MY eyeballs, as well as the ability to modify, recompile, and deploy it, is better than "trust me bro I'm your uncle Steve Jobs and I know more about you than you but I'm a good guy".

If you want to, for example, compile a GPS-free version of Android that appears like it has GPS but in reality just sends fake coordinates to keep apps happy thinking they got actual permissions, it's fairly straightforward to make this edit, and you own the hardware so it's within your rights to do this.

Open-source is only part of it; in terms of privacy, being able to see what all is being sent in/out of my device is arguably more important than open source. Closed source would be fine if they allowed me to easily inject my own root certificate for this purpose. If they aren't willing to do that, including a 1-click replacement of the certificates in various third-party, certificate-pinning apps that are themselves potential privacy risks, it's a fairly easy modification to any open source system.

A screen on my wall that flashes every JSON that gets sent out of hardware that I own should be my right.


> Open-source is only part of it; in terms of privacy, being able to see what all is being sent in/out of my device is arguably more important than open source.

I agree; unfortunately it feels as if this ship has not only sailed, but the metaphor would have to be expanded to involve the port as well.

Is it even possible, these days, to have a functioning experience with no surprise network requests? I've tried to limit mine via an extensive hosts file list, but that did break stuff even a decade ago, and the latest version of macOS doesn't seem to fully respect the hosts file (weirdly, it partially respects it?).

> A screen on my wall that flashes every JSON that gets sent out of hardware that I own should be my right.

I remember reading a tale about someone, I think it was a court case or an audit, who wanted every IP packet to be printed out on paper. Only backed down when the volume was given in articulated lorries per hour.

I sympathise, but you're reminding me of that.



