Open Sourcing of Obsidian

Can you please explain how you would do this? You can toggle the button that says to sync, but how can you know that the app is not connecting to the internet?

Right now, I have my updating option turned off; but Obsidian is still able to embed iframe content from the web; so I think that toggling that button did not block the app from communicating with the web.

Is there a way to check your networks, etc. to see if a request was made from the app?

Hi @Nebucatnetzer, I’d like to make some clarifications.

On the value of products:

You are speaking of the nebulous concept of market capitalization value, which is a kind of weird measure of faith. I am speaking of investment value, which includes the time employees put into the development of a product, and the initial capital investment. I suppose I should have included more of the quote from Treasure of the Sierra Madre:

A thousand men, say, go searching for gold. After six months, one of 'em is lucky - one out of the thousand. His find represents not only his own labor but that of nine hundred and ninety-nine others to boot. That’s uh, six thousand months or five hundred years scrabbling over mountains, going hungry and thirsty. An ounce of gold, mister, is worth what it is because of the human labor that went into the finding and the getting of it.

Unless you think there was no capital investment and the time of the employees is worthless, there’s inherent value in Obsidian as an intellectual property. To say,

is to say that no products related to IT have inherent value. I disagree, thus my original statement of perspective.

Hardware and software are two very different things. Even my coffee maker has a microprocessor in it, so “IT-related” hardware is no different from other tangible goods when it comes to sourcing of raw materials, supply lines, manufacturing, inventory, shipping, etc. Then there is the economy of scale that allows a manufacturer to offer a better unit price for a large-quantity order. I could go into why that is, but I don’t think any talk of hardware is germane to the topic of software intellectual property as it applies to Obsidian.

Yes, but it’s not as if it’s an annuity that will continue to pay without effort. Even after Obsidian becomes a mature product, it will continue to be maintained to keep up with changes in the underlying software stack, including the OS. It will continue to have to provide support (that magical thing that’s completely lacking in open-source) and it will continue to have to address bugs and feature requests. I just quashed a bug in our CM system that’s been there for 10 years. There’s no end to that software maintenance.

On the topic of why open source doesn’t enjoy the success of MS Office:

The progeny of Star Office can read/write .docx and .xlsx files, so I’m not seeing the lock-in or proprietary formats as an issue, nor the subsequent issues. The product that is Microsoft Office wasn’t always the market behemoth it is today; all products start from zero. What it always has been, though, is commercial for-sale software. And that made all the difference, because for software to survive over the “long-haul,” it must be continually maintained. Open-source maintainers contribute out of interest, while professional software developers contribute out of career choice. When open-source contributors lose interest / move on, the continued stability of the software is only assured by the uptake of contributors. When professional developers working on a commercial product lose interest and move on, they are simply replaced. This is why, on a software “geologic time scale,” open-source is DOA, and why I said

On Redhat:

If Free Software costs money, it’s not free, so I find this argument to be a bit specious. We pay 6-figures for a RedHat site license. That’s the most expensive “free software” I’ve ever seen. What they did was find a way to monetize open-source in a way that costs just as much as proprietary commercial software by maintaining the commercial model: they get fed, you get guarantees. Besides, they’re only obligated to open source the open-source software, nothing they write themselves. Your software isn’t open-source just because it talks to open-source software.

Then I guess you don’t need their source code! What an insult to the Obsidian team.

My statements on commercial software aren’t meant to be an absolute, applying to all for-sale software. There are plenty of examples of poor commercial software; just look at the dumpster fire that is the Play Store (just the name tells you they aren’t ready for business). My statements are meant to reflect my perspective based on what I personally look for in products, and what are good products.

The point of the Disney example is to provide the foundation for my trust model. I did say,

So no, it’s not meant to say one should make everything oneself. That’s not really possible. The point is, one has to choose wisely in establishing that trust. When it comes to software, I want something that will be around for the foreseeable future. That doesn’t mean forever; nothing is forever. It does mean, though, that open-source software has a lousy track record overall, compared to commercial software.

On commercial software having end-of-life dates:

This is a part of the calculus in determining my trust level for a product that I need to just work. How old is the company? How old/stable is the product? Is it one person in a garage? Do they have a privacy statement? Do they have a release model? Do they have a roadmap? Etc. For example, I don’t know if Apple actually states their software update model someplace, but they have a long history of a major OS update every year, so that is their de facto update model.

On open-source being written by a loosely-coupled group of strangers with no ultimate responsibility:

And the central core is typically very small, leading to stability issues. As for other contributions, it’s a band of strangers. I’ll wager that the vast majority of people who use open-source software don’t actually read the source code. If they did, maybe the promise of multiple eyes making a product more secure, robust, etc., would come true. I’m not seeing it.

A strange thing happens when money changes hands: legal strictures come into play. Large commercial software products have well established review processes in place. This is dictated by the notion that a major issue with a major product threatens the survival of the enterprise. Said another way, to a software company, a major problem is an existential threat. And if, somehow, a nefarious employee manages to get malicious code into the product, the company knows the identity of that person, and there are legal and civil repercussions. The same cannot be said for free software. Have you ever seen something similar to this statement:

No warranty expressed or implied, as to the fitness or suitability of this product to a particular purpose.

Here’s my interpretation:

You’re an idiot if you run this software, because we won’t even guarantee that it’ll do what we wrote it to do.

Sometimes the use of software under these circumstances is unavoidable. In those circumstances, I’ll have to employ risk mitigation techniques.

This is all just a matter of perspective. If I play a computer game, I don’t expect it to be error-free. This is the hobbyist side of my life. But every person has a portion of their life that represents business, and that portion has to be run like a business, which means I expect that software to just work and have guarantees of support if it doesn’t, because that’s how businesses operate: guarantees up and down the supply chain so that all parties have assurances. I don’t need the source code to a product, I just need assurances to plug into the trust calculation. If your trust model requires you to have the source code, then you’re free to not use the product. Expecting Obsidian to change their business model and release the source code in order to fit your trust calculation is the tail wagging the dog, as they say.

3 Likes

Hello @datum

I would like to offer two points that I hope will contribute to your (or anyone’s) knowledge because I suspect there may be some paths not connecting in this conversation due to different understandings of the language used.

When people talk about “free and open source software” the word “free” has nothing to do with cost. It is being used in one of its other meanings (an unfortunate difficulty with this particular English word). You can read more about that definition from its source. But here’s a brief quote:

“Free software” means software that respects users’ freedom and community. Roughly, it means that the users have the freedom to run, copy, distribute, study, change and improve the software. Thus, “free software” is a matter of liberty, not price.

I would also suggest doing some in-depth looking at all of the proprietary systems out there, you might be surprised just how many of them have free and open source software underpinnings or rely on FOSS to exist. Practically none of the common, regular work anyone does through the Internet on existing operating systems would be happening without FOSS. That’s the case whether we’re talking about browsers, the OS, or right down to things like DNS. The statement from @Nebucatnetzer about ripping out source code, though I cannot read minds of course, I’d guess was not so much intended as insult but a mere statement of fact.

7 Likes

I agree that it makes more sense this way.
However I still think that the analogy doesn’t really work for IT/Software projects.
I agree that my reply there and that topic is a bit OT.

Yes maintenance is required but if you don’t add new features it’s usually a fraction of the initial investment.

No, support isn’t missing from Open Source projects.
Many projects offer paid support (which is how they usually make money from the project) or there are companies which provide services around an Open Source project which then provide the support.
It highly depends on the project.

The .doc/.xls/.ppt are a proprietary format which were only fully supported by MS Office and had to be reverse engineered by other software in order to support it.
Docx etc. are supposed to be an open standard but apparently Microsoft isn’t really working according to its own standard.
That is IMO where the vendor lock-in is coming from besides other things (Vendor lock-in - Wikipedia).

This statement can’t be applied to all projects.
A lot of Open Source projects are developed by developers working at a company.
And for proprietary software it highly depends on the size of the company.
With an Open Source project there is however the possibility that a third party can pick up the work.

As @owlyph suspected I’m talking about Free Software as in Free Speech not as in free beer. Which is a subset of Open Source software.

I never said that Free or Open Source software has to be gratis.
Yes RHEL costs money but according to Wikipedia it is still Open Source (I haven’t searched for the code).

Depending on the license the base software uses you are at least required to publish the changes you made to that software.

It wasn’t meant as an insult more like “they are standing on the shoulders of giants”.
IMO it is only consequent to release the source code of your software if you’re using Open Source software.

I reckon that highly depends on the point of view. Examples can easily be made for both cases.

And these questions can be used for any software project; it doesn’t really matter what source model they use.
A company developing in the open just makes the privacy part a bit less based on trust and more based on facts.

AFAIK the dev team of Obsidian is quite small.

So?

I reckon the majority aren’t developers but they could if they wanted to.

Being closed source surely doesn’t help with being more secure (security through obscurity).
Neither does it help with stability etc. that just depends on the projects again.

Of course it can be the same if the Open Source software is sold as a product.

Sure when you read the ULAs for a lot of cloud services it’s even worse.

That statement usually comes with software that is provided free of costs for which nobody pays for any special support and the project can’t afford any legal battles.
I’m sure products like Office have similar statements that Microsoft isn’t responsible for any loss of data etc…

It doesn’t require it but I feel a whole lot more comfortable when using Open Source software :slight_smile:

I’m not expecting them to change their business model, I’m kindly asking them to release their source code. They can keep their business model as is.

2 Likes

Yes. Wireshark, a free program. You could also use an outbound firewall, set to deny everything and ask first. Simply block what you need.

1 Like

If you are using macOS, have a look at Little Snitch.

1 Like

I would kindly and very seriously ask them not to. I want them to protect what they built. And I believe we have had a definitive answer in this thread, and that there are competing open-source software on the same market that can be used – and contributed to – by people who are looking for open-source software. Maybe – just maybe – this thread could be put to rest.

7 Likes

Open Source isn’t just “I gEt tO sEe Teh seCrEt coDeS”; going open source necessitates a business model change. There is an inherent contradiction in your assumptions and demands here.

I agree as I already said in December.

I’m only continuing to reply because I feel there are a lot of misconceptions about Free Software. E.g. “You can’t charge for Free Software”.

What a grown up comment.
To me a business model is the way a company is making money from a product (and seems to be the common definition after a quick research).
IMO they wouldn’t have to change anything related to the money making part even after they’ve provided the source.
I personally don’t even care about the server side code since I’m using it with my own sync solution.

3 Likes

What you are describing is more accurately classified “source available” licensing but is not, by definition, Open Source or Free Software. They have specific definitions. Going Open Source would necessitate a business model change for them, and one with low odds of success for a direct-to-consumer product.

6 Likes

Don’t go open source. The extraordinarily gifted people who collaborated to create this software, and under terrible shutdown Covid times, deserve to benefit financially from using these times to benefit us all. Let them have their pay day.

I cannot imagine moving from Obsidian now I understand its purpose. It does everything I have been looking for in knowledge management. Thank you.

9 Likes

On the Issue of Trust With Open-Source, and the Fallacy of Security through Code Review.

Background

This is a continuation of my thoughts regarding trust relationships and risk mitigation, spurred by a recent observation. I have previously stated my reasoning behind minimizing trust relationships by minimizing the software stack, in an effort to minimize risk and maintenance while increasing stability.

Obsidian as a platform

An architecture designed to support the notion of plugins is a beautiful framework for extending functionality of the baseline product. The company limits the workload to the baseline product, while the community may extend the product in ways as yet undiscovered. And yet, while I appreciate the open-source community, I use no third-party plugins with Obsidian because it is against my trust philosophy. Obsidian recognizes the potential for risk, by making the user take an explicit action to enable third-party plugins.

The Observation

A shout-out of Thank You to @nickmilo for the LYT Kit. It’s a great resource for organizational ideas and provides a lot of information for consideration. Upon opening the LYT Kit vault, Obsidian dutifully warned me that third-party plugins are disabled, and asked if I wanted to enable them. For the time being, the answer was No; let’s see what’s going on to see if I can extend a trust relationship to these plugins and receive the full benefit.

My God…It’s Full of Stars…

I started by wanting to review the source code. To be perfectly clear, I went to the LYT vault and issued the following command:

find .obsidian/plugins -type f -exec wc -l {} \; | awk '{s += $1} END { print s }'
90415

Yes, the few plugins included with the LYT kit constitute over ninety thousand lines of code. I’ve designed an entire CM system that amounted to 6000-8000 lines of Java. At this point, I could start a dissertation on the failure that is modern computing, such as it is, that it requires one to be so loquacious just to get a computer to do a few things, but I’ll stick to the topic at hand. I have neither the time nor the inclination to review 90k+ lines of source code. I’m sure the plugins do great things (just looking at the names) for the LYT Kit (again, thank-you @nickmilo !). While I believe the risk is low (I don’t truly believe that in this esoteric corner of the computing world, someone set out to spend so much time writing malware), I cannot practically ascertain the safety of the methods employed. I’ve seen sloppy methods create unintentionally dangerous situations, so off to an immutable VM goes the LYT Kit, so I can bask in the ideas that Nick so graciously provided the community.

Why This Rigor Doesn’t Apply to Obsidian

Because it’s commercial software. That doesn’t mean it’s perfect, but it does mean that there’s a financial incentive to do things right, and sloppy or dangerous practices represent an existential threat to the enterprise. No such incentive exists with open-source. And as the Bard would say, therein lies the rub. So you can choose to rely on a beautiful open-source pebble that ultimately will be washed down the development stream to oblivion, or enjoy the commercial, safe boulder that is Obsidian. Stay proprietary, and stay strong.

2 Likes

I am not an expert in this at all, and have read some, but not all, of this thread. I’ve used software for decades, many types. Just a quick thought on this snippet:

If Obsidian can be trusted as an enterprise, a boulder, but plugins cannot, by @datum's analysis, it makes me think of one thing: To me, the number and sophistication, and indeed the creativity of plugins grows by the week. They actually seem to be overshadowing the baseline host, Obsidian. Their very existence can be attributed to the forward-thinking and keen insight of our two Obsidian wizards. But doesn’t their outsized growth commensurately, by the week, increase the user/customer enterprise’s risk?

Where is the counterbalance to that trend? Will there be one that emerges, at all? Is the counterargument “there will always be risks in the software world, there are risks when you step out every morning” a tired and lazy rebuttal? I don’t know the answers to these. But I do love the idea of Obsidian.

Although my position seems rather black-and-white, it is only painted that way to make the point, in clear contrast.

All tall buildings overshadow their foundations, yet they cannot stand without them, so this is to be expected. If Obsidian is a framework for enhancements, then it becomes a question of the type of growth. As a foundation, Obsidian creates a community, and I have a deep appreciation for those who spend their time developing things for the benefit of us all.

Yes. There is really no other way to answer that. The risk isn’t just one of malfeasance, and malfeasance is probably the least of the risks. The risk isn’t present simply by a plugin coming into being, but in the act of relying upon it. This is fine if one understands what the plugin is doing, but the reality is that it is software written by individuals who may not always continue to maintain the plugin. Put simply, one day it may just stop working due to a software update. Community contributions are developed through personal interest. Personal interests change over time.

The counterbalance lies in one’s personal choices. There is nothing inherently wrong with wanting to use a community-sourced plugin, but one should ask oneself certain questions in making this choice:

  • Does the plugin really add value to my work, or does it really only add one more thing to maintain?
  • Can I come to understand what the plugin is doing at a deep level, on my own?
  • If I had to, could I maintain the plugin myself?
  • How disruptive to my work would it be, if the plugin stopped working and it is no longer maintained?

There is no right set of answers to these questions, which amounts to a risk analysis. For example, even if you cannot maintain the code yourself, if the plugin adds tremendous value to your work, but at the same time would not be disruptive if it failed, then it might be right for you. Ultimately, the answer to your question is, be selective and deliberate in your choices. Don’t be “the kid in the toy store” on a shopping spree, grabbing every shiny new thing.

There’s an old saying: When the only tool you have is a hammer, every problem looks like a nail. I take this as just a humorous way of saying that we tend to use the tools we have at hand. While this may sound obvious, there’s a subtle, very important implication as it applies to using a tool like Obsidian. We will, perhaps without thinking about it, build an ontology based on the capabilities at hand. If the function of a community plugin is woven into that ontology, and the plugin stops development and eventually fails, then the ontology comes crashing down. That is the true risk. Be selective in the what and the how, of community plugins.

5 Likes

mmmm… that’s the way I thought when I used Hypercard at the time. Then “Apple” abandoned it!

:sleepy:

5 Likes

A second brain,
for you, forever.

The source being available seems very sensible when this is the goal.

7 Likes

simple, open storage format: plain text markdown files + folders

4 Likes

This is the way I thought when I bought three Palm Pilots.

4 Likes

No code audit = no privacy = no sale.

Canceling support. Wish I hadn’t opened this box. Ignorance was bliss. On the road for an ethical toolset.

6 Likes

@cmhorn You could deactivate auto-update, install a tool like Charles or Little Snitch and see what information gets sent out. You’ll probably notice none. If it doesn’t send out information, what’s your worry about privacy? You have your static files stored on your hard drive; where would they go?

2 Likes
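The check suggested in the replies above (watch what the app actually sends rather than trusting a toggle), as an added example that is not part of any post in this thread: on Linux, `ss` from iproute2 gives a per-process view of open sockets similar to what Little Snitch shows on macOS. The process name `obsidian`, the function names and all sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: which remote endpoints does a given process have sockets to?
# Input is the output of `ss -tunpH` (TCP+UDP, numeric, with process info, no header).

# remote_endpoints NAME
#   Reads ss lines on stdin and prints each distinct non-loopback peer
#   (address:port) that belongs to a process called NAME.
#   Because it de-duplicates across the whole stream, several snapshots can be
#   piped in one after another to catch short-lived connections.
remote_endpoints() {
    awk -v name="$1" '
        # Process column looks like: users:(("obsidian",pid=4321,fd=45))
        index($0, "(\"" name "\",") == 0 { next }
        # Drop loopback peers and unconnected sockets (peer ends in :*)
        $6 ~ /^127\./ || $6 ~ /^\[::1\]/ || $6 ~ /:\*$/ { next }
        !seen[$6]++ { print $6 }
    '
}

# Constructed sample of `ss -tunpH` output (documentation address ranges only).
sample_ss_output() {
    cat <<'EOF'
tcp   ESTAB  0 0 192.168.1.20:51514 203.0.113.10:443  users:(("obsidian",pid=4321,fd=45))
tcp   ESTAB  0 0 192.168.1.20:51520 203.0.113.10:443  users:(("obsidian",pid=4321,fd=47))
tcp   ESTAB  0 0 127.0.0.1:40112    127.0.0.1:9222    users:(("obsidian",pid=4321,fd=50))
udp   UNCONN 0 0 0.0.0.0:5353       0.0.0.0:*         users:(("obsidian",pid=4340,fd=31))
tcp   ESTAB  0 0 192.168.1.20:40022 198.51.100.7:443  users:(("firefox",pid=2210,fd=88))
tcp   ESTAB  0 0 192.168.1.20:51600 198.51.100.25:80  users:(("obsidian",pid=4340,fd=33))
EOF
}

# Demo on the constructed sample.
sample_ss_output | remote_endpoints obsidian

# Live use (assumes the process is really named "obsidian" on your system):
#   ss -tunpH | remote_endpoints obsidian
# Polling for a while, so brief connections are less likely to be missed:
#   while sleep 1; do ss -tunpH; done | remote_endpoints obsidian
```

A snapshot of open sockets can still miss a connection that opens and closes between polls; a packet capture (Wireshark) or an outbound firewall in ask-first mode, as suggested in the thread, records every attempt.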