Long title, wopsi.

Recently been checking out PIA VPN service(for research purposes), and they advertise their services to be 100% open source. However when checking their Github they don’t seem to have their code base for website there.

So this have had me wondering, when you hear the term 100% open source. Do you expect ALL of what they do, including website part, to be open source? Or just the application / service that they offer?

Lemmyknow your thoughts!

  • stepanzak@iusearchlinux.fyi
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    11 months ago

    I think that the client is what really matters, because AFAIK you have no way to verify what’s actually running on their servers.

    • PeachMan@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      11 months ago

      Right, you can’t be 100% sure, but there are measures that they can take to make you trust them a bit more. For example, I believe Mullvad runs systems in RAM and keeps no records of who uses what. You don’t even have to give them your email address; they don’t want it. And they submit to regular audits (provided you trust the auditors).

      Also, if the client matters, then don’t use their client. Use the OpenVPN client instead.