I’m note a programmer. I Don’t Understand Codes. How do I Know If An Open Source Application is not Stealing My Data Or Passwords? Google play store is scanning apps. It says it blocks spyware. Unfortunately, we know that it was not very successful. So, can we trust open source software? Can’t someone integrate their own virus just because the code is open?
Nobody can be 100% sure of some program’s security. However, the fact that anyone can look into the internal workings of a FOSS project means that a lot of people much smarter than you and I have their eyes on every detail of the code at all times. Plus, these projects are maintained by competent people who monitor everything that gets added to it thoroughly, so there is a very little chance of something malicious getting into a major project like that.
In comparison, nobody but the people working at Microsoft knows what Microsoft projects really do, since nobody can look inside. We just have to “trust” them. Which I do not want to do.