
238 points | ferbivore | 2 comments
1. Technetium No.41895451
When I paid, it was with the expectation of supporting something open source. That's why I came to Bitwarden from LastPass. This is really twisting the dagger in my back. They're probably preparing for an acquisition, since they have hit the same financial inflection point that CEO Michael Crandell was at previously when selling RightScale: https://bitwarden.com/blog/accelerating-value-for-bitwarden-...
replies(1): >>41898553 #
2. rstuart4133 No.41898553
Right on that page, dated 2022, it says:

    What’s going to change?
    * Bitwarden remains committed to
        * An open source architecture

Not any more, apparently. It's a dangerous move. Open source has lots of nice properties, but the one that matters here is its security. It never ceases to amaze me how companies champion their opaque binary blobs as secure. (Hello Intel Management Engine!) Well, now Bitwarden has joined the ranks of IME and Juniper switches.

Moving to closed source is a high-risk move for them. While I haven't paid for software in a long while, I can and do pay for the security. Bitwarden stores the information I consider my most precious and private, which is why I'm paying for Bitwarden. But it's just software; it doesn't matter where the bytes that call themselves "bitwarden" come from. Anybody can fork it and serve up those same bytes. Someone setting up a mirror of Bitwarden that only uses open source software will get my money. (Suggestion: if you do this, easy-to-reproduce build instructions that yield the same binaries you are running, and that I download into my various devices, would be very nice.) I don't consider my passwords to be secure unless they are managed by open source software.