It sounds to me like you are asking for privacy guarantees not open sourcing. If the only thing the application sends is version information an option to disable that seems like it would satiate your concerns and be a lot less work than stewarding an open source project indefinitely.
I have the same concern (not a big one, for all the advantages Obsidian brings to the table) like your first point, i.e. What data/metadata transmits back to their server?
Why would Obsidian care about that group of people? They don’t bring in revenue. Yet they have significant costs associated with them. So trying to serve that target audience makes little sense.
This so much! I used an open source alternative before Obsidian, but that takes way too much time for me. Now with Obsidian I can pay a subscription fee and simply email support if there’s an issue. That’s worth a lot to me, since with open source software you’d have to open an issue and hope and pray that someone replies.
If this is a concern, then simply block Obsidian from accessing the internet. It doesn’t need it and you can download new versions when they become available.
From years of experience, I can guarantee that being open source does not confer immortality. Unless you have the ability to pick it up and keep it going yourself.
Your best guarantee is that you still have your files and you don’t need Obsidian to access them.
Easy to switch to another program if any still exist.
Some additional information: as of v0.7.4, you can disable auto-updater, and the app will not make any network connections at all, unless you embed remote images or other resources. Anyone can monitor that and submit a bug report if that’s not the case.
We will have privacy statement soon, basically saying that we do not collect any personal information when you use the app. We do have your email if you choose to sign up for an account and sign in to the app, but even in that case Obsidian still doesn’t make any network connections if you disable the auto-updater.
We have a few opinions about open source that we hope people who ask for open source can consider:
Open source does not necessarily guarantee safety. A specialized team can do a security audit, which costs anywhere between 5-20k dollars, and that’s the closest thing you can get to safety. Even then, it’s not an absolute guarantee of safety; your best bet is to keep all the data in your head if you want zero risk of others seeing your data.
Open source does not necessarily mean faster improvement. Code is not just text that can be easily understood and manipulated; one needs to understand the code architecture and design to make good fixes and improvements. Honestly in some cases, doing a good code review will take us more time than actually fixing it ourselves. On top of that, the code base of large projects like VSCode is almost incomprehensible to anyone other than the core contributors.
Open source projects do not necessarily last forever. It’s not hard to see all those abandoned projects looking for maintainers. Think about incentive alignment: after building a sustainable business, it’s obviously in our best interest to keep Obsidian going, however an open source maintainer may not consider keeping the project alive to be their top priority when other life priorities or other interesting opportunities arise.
Doing open source right is a significant effort; it’s not just “putting code on GitHub”. There’s work in documentation, reply to issues, code reviews, help fellow developers get up to speed with the code base, etc. The cost to benefit ratio is very low for our small team of 2, and our plate is already full.
In summary, I think having a privacy statement and a pledge to open up code access if Obsidian discontinues are good ideas, but open sourcing does not make sense given the current circumstances.
Lastly, I’m going to move this to “Obsidian” rather than leave it in “Feature requests”, since I don’t think being open source is a product feature, just like “free commercial license” or “free Obsidian Publish” are not feature requests. More like business model and product direction discussion in my opinion.
The privacy statement is now available here: https://obsidian.md/privacy-statement
I just would like to add that I strongly disagree with this post.
The HN type of users are exactly the ones which would be using something like Obsidian instead of Roam because it lets me choose how I want to sync my files and uses an easy and future proof plain text format.
Yes they might be a very demanding group of users but they are also early adopters and usually quite tech savy which has it’s own benefits.
And at least, I don’t have a problem paying for a license if I have the feeling that the software respects me as a user.
In addition just because the code is open doesn’t mean they have to let anyone contribute if they don’t want to.
And they can still have a normal support contact for their customers.
A lot of people seem to confuse open source/ free software with gratis which absolutely doesn’t have to be the case.
I’m quite disappointed by the stance taken in this thread. I understand concerns that opening the source could make the project slower and more cumbersome to develop for, but I do believe there are ways to mitigate that.
Ultimately, I’d hope Obsidian would take the approach Standard Notes has: a robust open source project with a clear and sustainable financing model. Keeping the project closed does nothing to guarantee it will make money, and everything to guarantee that outside developers who might be able to help make the project successful definitely cannot.
My concerns are echoed quite well in this thread, from security (the ability for technical users to audit the code), to extensibility (the ability for users to provide new code the core devs don’t have time or desire to write), to support (the ability for users to fix bugs).
I really love a lot of the core ideas in Obsidian, but it clearly has a small development team. They’re doing a ton, but there’s always more to do (especially as a project gains steam). I came across this thread after finding “Services item in editor menu on Mac”. Obsidian is bordering on unusable for me without supporting macOS Services, as I heavily rely on Markdown Service Tools (and similar scripts) for editing and altering markdown text. Services support is something I’d be quite happy to provide code patches to support, as plenty of Electron apps properly support them (VS Code, etc). But I can’t.
So I’m basically stuck not being able to really use Obsidian until it starts behaving more like a proper Mac app, which will happen whenever the core devs get around to it (if ever).
So why not contribute to one of the open source VSCode extensions like Foam?
Contributing to the project will be easiar once we release a public API.
So why not contribute to one of the open source VSCode extensions like Foam?
Good to know, but I highly doubt an extension would be able to add services support. But I’ll check back in a while…
Final thing I’ll add… Truth be told I’m not even really advocating for open source. Sure, that’d be nice (IMO). But what I really want is open development. It is possible to develop proprietary software in the open.
I can’t put the finger on it but somehow that feels very wrong to me.
Proprietary development in secret is somehow better? I’d much rather know what’s going into my app (and how), than it be hidden away. Sunlight is the best disinfectant, and all… (I’m not arguing it’s better than open source, just a better alternative than being completely closed.)
I know it’s not really a rational thought but it feels a bit wrong that they would profit from merge requests and put them under a proprietary license.
I agree that rationally it is preferable than a fully closed source software.
Hello, thank you for offering this explanation. I’ve been following Obsidian for a while and keep coming back to consider it against a few of my other favourite similar applications (Zim, Zettlr, and Trilium). Obsidian is really impressive and I like it’s roadmap. I’d like to support its continued development by paying for one of the options you provide but what stops me from following-through with that, every time, is the fact that it’s not free and open source software.
First point on safety seems a fair comment but it’s also true of closed, proprietary software. This isn’t an argument against FOSS.
Second point also seems fair but not an argument against FOSS because if you release your code as FOSS it doesn’t mean you’re required to take anyone’s potential improvements. But you do give yourselves the option of taking them if you want to. This also is true for the fourth point. You may not want to put the effort into managing a vibrant FOSS project but that’s your choice, it’s not an argument against making the code FOSS. Proprietary software doesn’t have that option at all.
Third point, true FOSS projects may not last forever, nor will proprietary, closed-source ones. This isn’t an argument against FOSS, it’s just a fact of anything not managed well. From what I see of the pricing options in your business model, having your code released under a FOSS licence would make no difference to how you make money. If your business is sustainable now (or heading in that direction), while you currently give your software away for free then there is no change.
However, a benefit to making it FOSS that you will never be able to get any other way is that you’re committing to your users that you respect them. You’re telling us that you respect the fact that we have certain freedoms about what we do with the software we use on our computers. Without that sort of commitment, even if I personally never use the code or see anyone else contribute improvements to it, I cannot in good conscience pay to support your organization.
I hope you will take my points as positive criticism. I truly believe you have a great applicaton and it seems like a good business model. It just strikes me that you haven’t made any actual arguments against licensing the software as FOSS but have some conceptions that are skewing a bit from what would actually be the case and thus preventing a lot of additional support (as some of the other comments here suggest).
Thank you for listening/reading and hopefully reconsidering.
I love Obsidian and hope it could open source. Then I could contribute.
But just like @okay , I am not trust it 100%. So I use firejail to run it in a sandbox and to limit its network connection. For example:
$ firejail --net=none Obsidian.AppImage
Thanks for the hint. I was looking for something like firejail.