Fallacies used to dissuade you from using Freedom technology

"This other closed-source software is Secure" fallacy

Thing is, closed-source software cannot be trusted because the codebase can't be inspected, so potential spying mechanisms would go unnoticed. This is not the case with FOSS projects: if a developer were to try to add a backdoor into the software or remove any privacy-preserving feature, it would not go unnoticed, because everyone can inspect the code and call out the malicious developers directly.

Transparency regarding the source code of the software that you intend to use is VITAL to remain secure, operationally speaking.

"Trusting humans instead of FOSS software" ad-hominem fallacy

This fallacy aims to discredit FOSS projects by resorting to ad-hominem-ing the developers, to make you believe that they are not trustworthy, and by extension that you can't trust their code. Take that logical fallacy to its extreme and you'll end up trusting closed-source software instead of FOSS software.

This fallacy is used simply because the other party doesn't have any way to discredit the actual software with facts and logic, so they try to discredit the people behind the project directly instead, arguing that they are not trustworthy (that's also known as the ad hominem attack).

In other words, because they can't refute the central point (by pointing out an actual vulnerability in the source code), they try to target the developers instead. It's that cheap.

"The 0day risk" multi-fallacy

This is a combination of multiple fallacies, which we'll break down below:

The Slippery Slope fallacy

"Because this project has lines of code, it has potential vulnerabilities; because it has potential vulnerabilities, it may have 0days in it; and because it has 0days in it, it's not secure to use."

In other words: because of A, B may occur; because of B, C may occur; because of D, E might occur. Yet none of those is actually the case.

The Burden of Proof Fallacy

"This project is not secure, it may have 0days in it. Go ahead, you can't disprove my claim!"

The strategy here is to make some shit up and then try to pass the burden of proof to the other party, asking them to disprove what you made up.

The burden of proof lies on the party that brought up the claim: they should be able to prove what they claim (proving that there is a vulnerability by exploiting it and by publishing the proof of concept). This is not for the other party to disprove, but for the original party to actually prove.

Confirmation Bias: The software I like is secure, the software I don't like is insecure

This is a fallacy taking advantage of 2 things:

1) Every software is secure until proven otherwise

2) Every line of code of a given software can have multiple vulnerabilities in it

"Every software I don't like is insecure because it has lines of code that can have vulnerabilities in them, meanwhile every software I like is secure because no one proved that there was a vulnerability in it."

Whenever you see this fallacy being brought up, bring that argument to its logical end, effectively turning it on its head like I did:

The logical end of the 0days argument

If you actually want to protect yourself against 0days, meaning protecting your operations against the very possibility of having a vulnerability, then you have to stop using software altogether.

It does not matter how small and hardened your minimal software is: because it has lines of code in it, it can have multiple unknown vulnerabilities in it. You will never fully eradicate the risk of 0days by going for another software. The only way to eliminate the risk of a 0day is to stop using software altogether.

In other words, every software that you like is also insecure because it has lines of code in it, meanwhile every software that you don't like is secure because no one proved that there was a vulnerability in it.

In conclusion, leave your bias aside and objectively perceive what you are talking about before trying to respond to dishonest debaters. Stay true to your logic, and keep seeking the truth.

My actual thoughts on 0days

Are you seriously going to stop using all software altogether just because a vulnerability isn't publicly known yet? Or are you like 99.99999% of the other people out there who accept that risk and just wait for the developers to fix said vulnerability upon discovering it?

In literally any maintained project, FOSS or not, if a vulnerability is publicly found, it usually gets patched fairly quickly regardless of the severity.

Let's be honest for a minute: nobody is going to stop using any freedom-enabling technology just because a vulnerability MIGHT exist, yet isn't made public. Everyone accepts that risk anyway, otherwise nobody would use the internet.

Other fallacies

In fact, there are a ton of other logical fallacies out there. Make sure you're trained enough to spot them and effectively call them out whenever they are used, as otherwise the dishonest party may end up looking like they won the debate.

Nihilist 2025-07-02