• xor@infosec.pub
    link
    fedilink
    English
    arrow-up
    90
    arrow-down
    7
    ·
    9 months ago

    after looking into it:
    it’s not and it never was.
    a) it’s open source, so nobody’s putting that shit in there without getting caught
    b) it had an opt-in error reporting feature that would send data back… that was the entire thing…

    • drislands@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      4
      ·
      9 months ago

      What? You must be joking. Really? The entire thing was about opt-in error reporting?

      … seriously, that can’t be it, can it?

      • Eager Eagle@lemmy.world
        link
        fedilink
        English
        arrow-up
        22
        ·
        edit-2
        9 months ago

        Not really that simple, it was an apparent change to the privacy policy that vaguely anticipated collection of arbitrary user data, which shook the confidence of the open source community on the project. The fact this happened right after audacity was sold was the cherry on top.

        https://github.com/audacity/audacity/issues/1213

        Changes were eventually reverted or revised.

        • doctorcrimson@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          9 months ago

          Were they reverted? I’ll have to check later, but an official statement from Muse Group stated they provided the data they collected to third parties so idk. If the telemetry is still there then I’m not downloading it, Open Source projects generally don’t need telemetry to begin with.

      • xor@infosec.pub
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        3
        ·
        9 months ago

        yep… really just that…

        i’ve used it forever with a very restrictive firewall and i’ve never seen it do anything unexpected… or any phoning home at all…

      • doctorcrimson@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        7
        ·
        9 months ago

        in 2021 Audacity was acquired by a company called MuseGroup who added unnecessary telemetry and they admit that they do provide the data the collect to third parties. It’s spyware as far as I’m concerned.

    • books@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      9 months ago

      Point a has always me me wonder, is that accurate? Are there actually people going through the code to make sure open source isn’t malicious? I can barely read my coworkers code… Let alone a strangers.

      • xor@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        people are definitely going through the code on a project as popular as audacity…
        less well known stuff is much less scrutinized, of course

    • doctorcrimson@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      6
      ·
      9 months ago

      That’s not entirely true, Audacity was acquired by a company called MuseGroup who added unnecessary telemetry and they admit that they do provide the data the collect to third parties. It’s spyware as far as I’m concerned.