Ventoy source code contains some unknown BLOBs, still no word on the issue from the dev after months - eviltoast

I had no idea this issue had been identified. While I find this tool very useful, the project is seeming rather questionable to me now.

  • ulkesh@beehaw.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    2 months ago

    Exactly. Acting like this is an “ah-ha, see?!!” moment when this is exactly what open source is designed for. That’s like saying global warming is a hoax because “oh look it’s snowing”.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      Well, it is an “ah-ha, see!” moment, because it shows the benefit of open source.

      Its more like pointing at the absence of a glacier on a mountaintop and saying “yep, see, climate change does exist”

      • ulkesh@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        I was referring to the commenter and how it read to me :) But agreed, what you said, too.

    • PowerCrazy@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      This isn’t a knock against opensource programming, but there shouldn’t ever be precompiled blobs in the repo unless they are the official builds for the various OS’s and if you want to build from source, the pre-compiled blobs shouldn’t be part of that, otherwise you can’t really claim you are opensource.

      • ulkesh@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        Yes, and that’s what is being called out here. But your original comment makes it sound like you are advocating for closed source software and that somehow open source software is bad.

        This is the system working as intended. When potential issues arise, it’s openly discussed and ideally resolved. And if not, trust is lost and people will stop using it.

        • PowerCrazy@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          2 months ago

          I don’t know about the history of the project, but it sounds like those blobs have been there for quite some time. When in reality, the PR that added the blobs in the first place shouldn’t ever have been approved.

          Actually just checked 3+ years.