600

Concerns Raised Over Bitwarden Moving Further Away From Open-Source (www.phoronix.com)

submitted 22 hours ago by AsudoxDev@programming.dev to c/technology@lemmy.world

128 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[-] ealoe@ani.social 2 points 24 minutes ago

Some guy at bitwarden clicks a button wrong on a license drop-down option and all these people crawl out of the woodwork to declare the end of bitwarden being trustworthy. Nothing in the article or the company's statements indicates an actual move away from open source. Big nothingburger

[-] gwen@lemmy.dbzer0.com 2 points 24 minutes ago

can we start reading the articles and not just the headlines??? it literally says it's a packaging bug

[-] ayyy@sh.itjust.works 1 points 7 minutes ago

600 upvotes and only 10 downvotes on literal fake news. This community is brain dead trash.

[-] mli@lemm.ee 15 points 1 hour ago

Update: Bitwarden posted to X this evening to reaffirm that it's a "packaging bug" and that "Bitwarden remains committed to the open source licensing model."

According to Bitwardens post here, this is a "packaging bug" and will be resolved.

[-] Shape4985@lemmy.ml 6 points 1 hour ago

I use to always recommend bitwarden to people. Now i feel like an idiot for doing so with them switching up. Ill be making the effort to move to keepassxc soon and host it myself.

[-] octopus_ink@lemmy.ml 3 points 36 minutes ago

They literally posted that this is a packaging bug and will be resolved.

[-] GhiLA@sh.itjust.works 1 points 1 hour ago

...host it?

...is there something I've been missing out on? Can one host a KeePass vault online? We have web apps? I only know about the Nextcloud ones. I've just been using syncthing and merging the conflicts when they happen.

[-] ArkyonVeil@lemmy.dbzer0.com 13 points 3 hours ago

I wonder~ I wonder~ I wonder whyyyy...

[-] terminal@lemmy.ml 4 points 2 hours ago

Keepass. Keep it simple.

[-] johannesvanderwhales@lemmy.world 1 points 6 minutes ago

If you want to roll your own with keepass that's fine, but most people will want a more comprehensive solution.

[-] Routhinator@startrek.website 6 points 3 hours ago

Alright does anyone have opinions on Nextcloud Passwords? There's apps for it and it would sync to my Nextcloud.

I hate this. Bitwarden has been a good app.

[-] GhiLA@sh.itjust.works 2 points 58 minutes ago

Nextcloud passwords is just a client for a KeePass vault.

I guess it's as good or bad as that can be, but I'm sure it's limited in functionality to KeePassxc with plugins.

[-] Routhinator@startrek.website 1 points 5 minutes ago

TIL... Thanks.

[-] magnus@lemmy.ahall.se 27 points 6 hours ago

Daniel García, owner of the Vaultwarden repo, has recently taken employment for Bitwarden.

The plot thickens.

[-] NanoooK@sh.itjust.works 46 points 13 hours ago

Great, I've just started to use it last week 🤡

[-] Scrollone@feddit.it 9 points 5 hours ago

Just switch to KeePassXC

[-] cmrn@lemmy.world 104 points 15 hours ago

How many times do I need to pack up and move to the next “best option”

[-] cy_narrator@discuss.tchncs.de 23 points 11 hours ago

Just go to Keepass and its over

[-] doktormerlin@feddit.org 1 points 29 minutes ago

That's far from the best option. It's working, but it's super complicated compared to Bitwarden and other cloud password managers. Imagine telling your grandma "just use keepass", she would never be able to make it work. But Bitwarden? Lastpass? That's possible

[-] JustARaccoon@lemmy.world 46 points 15 hours ago

Sadly as many times as needed, complacency is how these companies get "loyal customers" who are willing to put up with bs

[-] ShittyBeatlesFCPres@lemmy.world 118 points 17 hours ago

Oh, for fuck’s sake. Can we have a decent password manager that isn’t tied to a browser or company? I pay for Bitwarden. I’m not being cheap. But open source is more secure. We can look at the code ourselves if there’s a concern.

[-] shortwavesurfer@lemmy.zip 9 points 5 hours ago

Its called Keepass. You are welcome

[-] asap@lemmy.world 6 points 9 hours ago* (last edited 9 hours ago)

Nothing in the article or in the Bitwarden repo suggests that it's moving away from open source

[-] coolmojo@lemmy.world 1 points 14 minutes ago

It is a license problem. The license condition of the SDK which is required to build the client app change to limit the usage of it. The new license states that you can only use the Bitwarden SDK for Bitwarden. It is against the Freedoom-0 of the Free Software Foundation. The limitation of English language is that it is hard to differentiate between Free (as in Free bear) and Free (as in Freedoom). Also open source which could mean complaining with FOSS and that source is available. This been unfortunately have been abused before.

[-] Telodzrum@lemmy.world 58 points 16 hours ago

Keepass: Am I a joke to you?

[-] sigmaklimgrindset@sopuli.xyz 22 points 13 hours ago

Love Keepass. Love that I can sync it however I want. Love that there are multiple open source client options across several operating systems.

[-] saddlebag@lemmy.world 21 points 10 hours ago

Android syncthing announced they’re stopping development this year. Open source got fucked double today

[-] prosp3kt@lemmy.dbzer0.com 9 points 10 hours ago

terrible day. There is a fork called syncthing-fork that is under current development. I hope both projects merge.

load more comments (12 replies)

[-] unskilled5117@feddit.org 188 points 21 hours ago* (last edited 16 hours ago)

This is an important issue IMO that needs to be addressed and the official response by Bitwardens CTO fails to do so.

There is not even a reason provided why such a proprietary license is deemed necessary for the SDK. Furthermore this wasn’t proactively communicated but noticed by users. The locking of the Github Issue indicates that discussion isn’t desired and further communication is not to be expected.

It is a step in the wrong direction after having accepted Venture Capital funding, which already put Bitwardens opensource future in doubt for many users.

This is another step in the wrong direction for a company that proudly uses the opensource slogan.

[-] irotsoma@lemmy.world 7 points 10 hours ago

They're basically trying to get rid of vaultwarden and other open source forks. I expect they'll get a cease and desist and be removed from github at some point in the not too distant future if they don't make some changes. I have a vaultwarden instance and use the bit warden clients. Guess I'll need to look for alternatives in case Bitwarden decides to get aggressive.

load more comments (8 replies)

load more comments

this post was submitted on 20 Oct 2024

600 points (98.4% liked)

Technology

58795 readers

3043 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS