This is an update to a post that was previously shared in the community: Concerns Raised Over Bitwarden Moving Further Away From Open-Source
Mirror of what xxkylexx, Bitwarden Developer, said on Reddit:
Hi, Thanks for sharing your concerns here. We have been progressing use of our SDK (software development kit) in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.
- the SDK and the client are two separate programs
- code for each program is in separate repositories
- the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3
Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.
From how I understand it, it appears they are saying that the bug was that it was possible to build externally.
Oh thank Christ. I was afraid this was Lastpass all over again.
Even if they are backtracking with egg on their face, this is good. Maybe better. Now they know they can’t get away with this stuff.
Not now anyway, now it’s just laying in wait.
Every company does this, they put out a trial balloon, see how badly it tests, and then just wait for the right time when nobody notices. Usually during real crises in the world.
I hate how right you are.
I hate how right you are about them being right.
Yeah it hurts but it is what it is.
Discerning consumer must vote for their wallets and educate
Man, I really hate seeing comments like this. I feel like I need to reiterate that BitWarden is NOT an open-source company. They are committed to providing open-source compatible products with their products. Two very different things.
If they feel their product is somehow lacking or affected by whatever they are packaging right now, they are completely free to change it. They also have no barriers to entry for users who wish to use another client.
It’s really not a big deal.
Man, I really hate seeing comments like this.
That’s not a strong way to start a comment if you want to have a conversation.
I feel like I need to reiterate that BitWarden is NOT an open-source company. They are committed to providing open-source compatible products with their products. Two very different things.
I don’t particularly care about your feelings, but go right ahead.
I’m curious though, did I say or imply they were AN OPEN SOURCE COMPANY ™ (whatever the fuck that even means?)
If they feel their product is somehow lacking or affected by whatever they are packaging right now, they are completely free to change it.
Of course. And I’m free to post on this fucking website how I feel about it.
Isn’t all this freedom to discuss our feelings just fucking great?
It’s really not a big deal
Options about this obviously differ.
That’s not a strong way to start a comment if you want to have a conversation.
Neither is tone policing.
Dang, you angry.
Are they backtracking when they have stated that it’s a bug?
That’s why I said “even if”.
“Even if” it’s not really a bug and they are backtracking, then [rest of comment here].
I interpreted your comment correctly. Make sense to me in context of the OP.
Even if they are backtracking with egg on their face
Your comment can be read in more than one way.
Maybe, if you have bad reading comprehension.
Or I can determine multiple interpretations. I’m a master at puns and that takes the ability to detect alternative meanings or phrasing and how they can relate to each one. “If you’re not patient you might become one.”
Can you explain that one then because I’m really not seeing what you’re saying.
I find myself unable to explain it. I had it earlier but I am tired and frustrated and not thinking clearly. And if I am unable to explain it then it doesn’t really matter.
When I dropped LastPass I found Bitwarden and liked them mainly because of the open source. I pay them for the software so that it can remain free and open. If that stopped, I would also stop paying them for it.
My renewal is coming up. I’ve been a premium customer for probably 7 years or so, I’m not renewing.
This wasn’t a bug, this was a toe in the water to gauge the temperature.
Like it or not, this means they’ve chosen a path, and nothing is going to stop them from going down it. The only variable is the timetable.
well, it is up to you. me as premium user I am fine with their change and policy as long as Bitwarden does not mess up like Lastpass with data breaches and one active device policy.
Okay, I’m a bitwarden user who hasn’t been online much in the last couple weeks because of school. Bit ootl. Wtf happened exactly?
To borrow a phrase that is fast approaching cliche, the enshitification process has begun.
They sent out a trial balloon by updating licensing to move further away from an open source model, with a wide range of implications.
They’ve now backed off claiming “it was a bug”, but it’s not like their MBA’s are business strategy wunderkinds. They’re just rehashing the same old strategy, and going by the downvotes my comment received, there’s still an audience that believes them.
But who are they kidding? This isn’t going away, and when someone shows you who they are, you should believe them.
Like I said earlier, the only variable is the timetable. The destination is a foregone conclusion.
Same here, I dont need the paid version. I pay so they can keep their free version free for peoppe who cant pay.
Knowing VC funding came and now this debucle got me spooked.
Same, I specifically paid for premium to do my part in ensuring they don’t need VC funding :(
And now that you know they still took VC funding, are you still going to keep giving them your money?
Honest question, because I’m in your same boat and I know I’m not.
TBD frankly… But i am ready to move if needed.
Yup, same here.
That tweet has such a clinical PR tone to it that is not helping put me at ease and im probably going to be moving my vault
Also this doesn’t really fully address the issue as I understand it?
There is no issue here from Bitwarden POV, except the pushback they receive now.
Bitwarden got VC funding and the bell is ringing to bring the cows back in to be milked dry.
They are testing the water to see how people react, scale back a bit through whatever lies/PR, and will just wait for the right time to shove more shit.
This is a pattern we’ve seen over and over again.
I know this is a completely separate thing, but something about the current redesign they’re pushing is making me very uneasy, as well. It feels very much like corporate focus-grouped, iOS chasing crap, i.e not at all interested in the type of power user and FOSS types that initially embraced it.
Moreover, when someone asked for compact mode (again, as people have been asking for it from the beta for at least a year now), the response was some of the most PR shit I’ve seen from a FOSS developer.
They legitimately defined something as basic as compact mode as a “power user” thing that they’re “considering”. And routinely reinforced how much they “value” power users, whole also suggesting their robust search function.
A bunch of people had to demand the Android Beta app restore Quick Tile functionality because the dev team got in their heads it wasn’t necessary to have a manual trigger for auto-fill.
Just feels like a lot of disconnect coming from the development side and its not inspiring confidence.
That tweet has such a clinical PR tone to it that is not helping put me at ease and im probably going to be moving my vault
Calling open source a “licensing model” in particular sounds like MBA-speak.
I’m not sure how it could be a bug but I notice a lot of complaining(1) and calls to move to KeePass. It reminds me of the complaining(1) about Windows and how everyone should move to Linux. Lemmy was itching to torch BitWarden. We seem to have a mob mentality, with little ability to consider possible explanations and multiple factors.
- I’m tempted to put bitching.
As a long time Linux + KeePass user:
FUCK Windows and Microsoft for everything they’ve done to the general public and open-source software with their shit. Yeah yeah they are turning around, but still fuck them.
I have no strong feeling towards Bitwarden, but I will never put my secrets into anything non-FOSS. And I sync it with my Nextcloud.
Stallman was right about software.
I thought bitwarden was open source?
Was yes. They have introduced an “internal sdk” into all their clients with no available source code. That’s what everyone’s complaining about. They call it a “packaging bug”, but in reality Bitwarden clients are just no longer open source.
Turning around in circles maybe.
I don’t disagree with you. It’s just that it’s not black and white. Your boss says no, you don’t try to go around. My wife says that she will only use Windows, yes dear. I use Debian, Raspbian, Windows 10, and Windows 11. Windows 10 feels the most comfortable and has the best compatibility. But yeah, I’m not a fanboi.
My SO switched to Linux with their latest PC, since they don’t need anything specific. Never even noticed much of a difference. They even play old games on it just fine.
I am in a priviledged position to not accept positions of work which hard-require Windows. I did work for companies with soft-requirements, but it was a corporate with solid Linux community, so they had workarounds for everything.
I’m not saying it’s easy to live the FOSS dream, but if one has the priviledge, they should choose to do so.
She knows Windows. I have thought of asking again but Linux isn’t exactly known for user friendliness, no matter the distro and WM.
I agree with using FOSS when feasible.
Lemmy is hilariously reactionary and fickle. Never found a windmill that couldnt be tilted at.
I’m not sure why that still surprises me considering it’s made up of a ton of people who self selected to leave a site in protest.
I’m still happy to use and pay for BitWarden. All I see are KeePass fanbois trying to throw shade at a company they don’t like.
And KeePass is great, too, but it isn’t going to be for everyone, and that’s not an indictment of its quality or utility.
Yeah, I am fine with their new policies as long as Bitwarden does not mess up with data breaches or annoying feature such as one active device policy like Lastpass.
Current Lemmy will circlejerk about the end of any company or product with the smallest nudge.
Every slightly negative post above a certain threshold of views will have comments about abandoning whatever thing it’s about.
I’ve been paying for proton mail for a couple years now. Decided to stick with Bitwarden when proton announced their password manager as I liked it more. Based on this fiasco I gave it a second look and so far I’ve been liking it. I haven’t committed to abandoning Bitwarden, but I’m certainly on track to.
They’re not really comparable since Bitwarden has the source available for auditing and Proton Pass (server) does not.
Heh, this is exactly what I went through today. I’m a paid Proton user, but ignored Proton Pass when it came out because I was already well-entrenched with BitWarden. Decided today to give it a real look. Generally pretty pleased with what I’m seeing, though I’m not entirely committed to shifting platforms.
Riiight…
