this post was submitted on 17 Nov 2023
45 points (100.0% liked)

Free and Open Source Software

17932 readers
107 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Let's say, I create a bank with the caveat that all of my banking phone apps and webapps are FOSS (or if they depend on non-free components — banks probably do to communicate with each other —, then just OSS). Am I going to be behind the competition by doing this?

If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank's apps by publicizing it?

Are they not doing this because they secretly collect a lot of data (on top of your payment history because of the centralized nature of card payments) through these apps?

EDIT: Clarifying question: Is there a technical reason they don't publicize their code or is it just purely corporate greed and nothing else?

you are viewing a single comment's thread
view the rest of the comments
[–] freedomPusher@sopuli.xyz 1 points 1 year ago* (last edited 1 year ago)

There is a cost to making a good app.

That cost is actually reduced in the open source world. Wheels need not be reinvented. The bank would only have to code a few basic features as an example, publish the API, and let the community develop their app at no cost to the bank. The bank would only have to finance the code audit and acceptance, which the commercial software producer must do anyway.

For example - I’m currently using a bank because their app is awesomely good (compared to other banks).

Surely you have a low bar for what’s good. Just about every banking app I’ve encountered is not even downloadable unless you have a Google account. That already crosses the enshitification line. You have to create a Google account, share your personal phone number with Google, agree to Google’s terms, let Google harvest your IMEI number, let Google keep track of where you bank (since it tracks every download), trust Google not to sell that info to debt collectors, etc. Then once you have the app, it likely detects and refuses to run inside a VM, thus forcing you to buy new hardware to keep up with updates. Then the app likely has spyware therein simply judging from the excessive perms they tend to require.

Why would they open source it - it means customers might go to other banks who do better on interest rates, or fees.

Are you saying a FOSS app from bank A would simply work on bank B? That they have the same API? Perhaps, but that can be controlled by using a unique API.. though indeed that protectionism would incur an extra cost.