No, I am not writing an analysis on humans and trust (although that would be interesting). Rather, I am talking about the software we trust. I am not a security professional by any means, but these are some thoughts I have on the subject.


When I refer to trust here, I mean software and its developers that you trust to run, perhaps regularly. Untrusted software may be isolated in a VM, for example. Something must be trusted when you use a computer. At the very least, your OS and hardware. Even if you do not want to trust Microsoft, but use Windows, you inherently do. Should you not trust them, having them control your OS fundamentally breaks your entire trust model.

The apps you run🔗

As you fundamentally trust your OS, running their default apps reduces the amount of trusted parties and is one reason I use Safari. I remember a discussion on a Privacy/Security room on Matrix, and someone who had to use Windows (presumably for work) talked about how they refuse to use the default apps. As stated, their trust model is contradictory. Reducing trusted parties will almost always help (as any additional party could theoretically be a bad actor).

A similar experience came where someone said they use Firefox on iOS instead of Safari as because Safari is not open-source1, it cannot be trusted. After reading this, you can probably already tell the problem with this: Apple already creates their OS and hardware.


Hardware is somewhat more tricky, as there are less options. Making software is one thing, and distribution is less complicated (extreme understatement) than making your own computer from scratch. There are certain hardware vendors you will always have to trust. That is why it is (almost) impossible to avoid the U.S. with technology as so many hardware components are, at the very least, engineered there.


I hope you take some time after and reevaluate the hardware and software you use. I use Apple devices, but for a long time avoided the default apps, but have since changed my thought (also Apple default apps are pretty good).

As I wrote earlier, I am not an expert on this subject. If you found a mistake, error, or flawed thinking and/or want to talk about it, please contact me to let me know. Thanks!

[1] Being open-source should not be the only criteria for trust, either. One example