
Vivaldi Browser and Open-Source - baal80spam
https://vivaldi.com/blog/vivaldi-browser-open-source/
======
latexr
If someone from the Vivaldi teams reaches this comment section, I have a few
questions.

As I understand it, the major reason you don’t publish everything as open-
source is to protect the Vivaldi brand, which you feel would be difficult
because Vivaldi is not yet a household name:

> When it comes to large projects that have been around for long enough or are
> household names, people won’t take notice of the fork.

> However, as Vivaldi is still small and could be easily overshadowed, this
> makes our brand more vulnerable and not just in terms of revenue.

Does that mean that if Vivaldi became as well-known as Firefox or Safari,
you’d be open to open-sourcing everything?

> only 5% is our UI closed-source code.

> (…)

> If a new project based on our code implements features that are
> fundamentally against our ethics (damaging to human rights or to the
> environment in some way, for instance)

Can you provide a concrete example on how a malicious actor could damage human
rights or the environment from browser UI code (HTML+CSS+JS on the Desktop,
Chromium’s Java UI on Android)?

> there is some security-relevant code in the UI as well. If you think that
> specific security-relevant parts of the UI should be open-sourced to make
> Vivaldi more trustworthy, let us know and we’ll consider putting it out as
> part of our code bundles, so you can check it for yourselves.

Even though I’d be unlikely to personally review it, yes, I do think that’s
important.

I will note that I’m not a Vivaldi user partly because I don’t feels its open-
source components are shared adequately. Browsing the code is an inconvenient
task: it has to be downloaded as a single 1.5GB tarball from a webpage
([https://vivaldi.com/source/](https://vivaldi.com/source/)), which means code
changes aren’t simple to track when compared to getting a GitHub/GitLab
notification of changes and analysing the latest commits.

In other words, it’s impractical for someone to investigate your code out of
curiosity. It becomes a chore, something you have to decide to consciously
carve a piece of time for, meaning less people will do it.

