In the latest episode of “they will always sell you out” - they sold you out! Who would’ve thought.
Hoping for a good alternative client to appear, the writing is on the wall. Vaultwarden can’t exist without “leeching” off of Bitwarden.
In the latest episode of “they will always sell you out” - they sold you out! Who would’ve thought.
Hoping for a good alternative client to appear, the writing is on the wall. Vaultwarden can’t exist without “leeching” off of Bitwarden.
Why not? No reason mobile apps and browser extensions can’t be forked.
https://pawb.social/comment/22239133
The linked vulnerability has been fixed a day prior of being reported by the dev themself and it’s not an issue since then, it even sais so in the cve description.
Well, yes, Vaultwarden would need more support, but that happens pretty frequently when a major provider enshitifies. Look at Godot, Lemmy, etc.
As for the CVE linked, BitWarden itself has many more: https://app.opencve.io/cve/?vendor=bitwarden
CVEs aren’t an indication of poor quality. Speed to resolution is. It’s not often devs themselves are finding CVEs, it’s the community.
At the core, regardless of what a C suiter does to the marketing, the state of the FOSS repos is what matters. Since they already walked back the “always free” comment this whole debate may be moot, so time will tell. Hopefully the rest of the company and the public sway them to continue to support it properly themselves.
I suppose so. Maybe the corporate propaganda got to me about the security of smaller projects.