this post was submitted on 13 Oct 2024
39 points (89.8% liked)

Opensource

1403 readers
18 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

CreditsIcon base by Lorc under CC BY 3.0 with modifications to add a gradient



founded 1 year ago
MODERATORS
 

it is a concern to me because there is no plan to do security audit despite people asked about ti in the past.

https://github.com/rustdesk/rustdesk/discussions/8392

https://github.com/rustdesk/rustdesk/discussions/4968

Not in their roadmap

https://github.com/rustdesk/rustdesk/discussions/918

people had concerns about the company:

https://www.reddit.com/r/rustdesk/comments/11nu94y/is_rustdesk_a_scam/

As HN: RustDesk Installs Chinese Root Certificates

https://news.ycombinator.com/item?id=39256493

top 12 comments
sorted by: hot top controversial new old
[–] [email protected] 16 points 1 month ago

Rustdesk is strange. It may just be a nice tool with some edges. But they failed to submission to Flathub for example because they wanted very high privileges with no explanation like read/write on all files.

[–] BB_C 7 points 1 month ago* (last edited 1 month ago)

The only time I took a gander on their repo, I saw the main guy asking ChatGPT how to implement something, and pointing the main dev at the answer.

Also, the pay-per-PR approach, while commendable on the surface, has a very high potential of unwanted behavior sneaking in, intentionally or otherwise, especially when combined with such blasé approach to coding and review.

This is perhaps a case where Rust's superiority lead to questionable net gains. In the sense that if it wasn't for Rust, such an approach would probably never have produced a product that appears, for all intents and purposes, to be perfectly functional, performant, and stable (presumably, I never used it). Rust allowed here, despite the "hard language" stereotype, a Lego model of development to work. But is that at the end of the day a good thing? That's an open and nuanced question.

But hey, it's all open source. If (the collective) you don't like it, fork it and fix it, or pay for the audit, or use something else. Don't expect anyone to shed a tear for your alleged quandary, or become a soldier in your witch hunt.

[–] [email protected] 4 points 1 month ago

Thanks for sharing