I’m note a programmer. I Don’t Understand Codes. How do I Know If An Open Source Application is not Stealing My Data Or Passwords? Google play store is scanning apps. It says it blocks spyware. Unfortunately, we know that it was not very successful. So, can we trust open source software? Can’t someone integrate their own virus just because the code is open?
True, but these have been identified pretty quickly, they’re not insidiously harvesting data in the background over long periods.
Well, we have detected those that have been detected. It is possible that there are some sleeper repos no one has detected yet.
But it is not really a problem or something bad with FOSS, just have to be careful when including and updating libraries, which you always have to be!