
Open Source is poison.

Open source is in the news again. Microsoft has "open sourced" Copilot and WSL. Every dev in the world seems to be jumping with joy and is quick to frame this as some sort of moral victory. The average person is typically pro-privacy and pro-consumer rights, and the same very much applies to devs; open source is hailed as a champion of both. Devs have even more at stake, however: as someone who creates software, it's often understood that open source can in some cases improve security and allow for innovation. These are undeniably good things, but within them lies an unseen venom.

You see, open source is often used as a synonym for free (as in freedom) software. The only aspect they share is the public visibility of a project's source code. The first difference is licensing semantics. To my knowledge, Microsoft has published all of its open source software under either the MIT license or some proprietary concoction. The MIT license allows the code protected under it to be incorporated into closed-source software. Enter GPLv3: all code protected under the GPL must remain open in any adoption, fork or re-publication. Now, normally I'm not one for rules; I'm typically very against telling people what they can or cannot do with their software, technology, or anything else really. Hell, that's why I love free software in the first place. However, by forcing any re-use or distribution of free software to remain open, we prevent many of the pitfalls of typical open source.

That leads me to my next point. Open source does not in any way mean privacy-respecting or consumer-friendly. Sure, that's typically the case, but there are no actual rules stating that open source software has to respect individuals' rights. Look at all the bum-ass infostealers, trojans and other BS commodity malware out there on GitHub. The upside of permissive licensing is that spyware can be stripped out, but that's not the default. It's the same exact ploy as all of the opt-out corporate data harvesting done on every social media site in existence: they know that most people won't go through the effort to do it. In fact, it's very likely that most users won't even know it's in there. There are so very few people who actually read the source code of the open source software they're downloading; I'm guilty of it myself. Because open source is riding off the privacy-respecting legacy of free software, everyone assumes that every GitHub repo they clone is a bastion of privacy and security.

Again, I'm brought to my next point. While open sourcing software does provide the ability for ad-hoc security audits and a broader set of eyes inspecting a project, it's the ability, not the guarantee. Just because something is open source does not make it secure, not without a lot of work from a lot of unpaid security folks. Look at how often major vulnerabilities in open source software go overlooked for years. This is not unique to open source software; free software has the same problem, as does closed source. It's just something that is taken for granted when someone sees the open source sticker slapped on another heap of corpo junk.

I'm sure there's more I can and will say about open source vs free software, but for now it's extremely late (or early). So I'll wrap it up here: open source is the "organic" label of the software world. It comes with all of the accolades, when really it's an almost meaningless accomplishment that overshadows the real champions.

Hack the planet!

and

You may stop this individual, but you can't stop us all... after all, we're all alike.

Until next time.