I’m note a programmer. I Don’t Understand Codes. How do I Know If An Open Source Application is not Stealing My Data Or Passwords? Google play store is scanning apps. It says it blocks spyware. Unfortunately, we know that it was not very successful. So, can we trust open source software? Can’t someone integrate their own virus just because the code is open?
Well, not exactly.
Some open source projects have many contributors, and while they’re working on fixing bugs and adding new features, the chances that no one would notice say, a key logger or crypto miner are very slim.
Other opensource projects are maintained by large sophisticated organisations who would monitor security in some fashion. They would monitor for obvious things like transmitting data at the very least.
That’s not a 100% guarantee of security, but it’s not as reckless as just hoping someone will check.