Charge people who accidentally used their Java SDK.

You tell me, haha 😄

DNS usually is a bit of an issue when TTL is too high and the stuff the records point to isn’t available.

Well… Afaik the AWS outage only affected a certain region. So the company could have just deployed their online service in two different regions for redundancy.

Or even better. Enable Offline Support 😐

See an example here:

Microsoft said both issues could allow attackers to execute code with elevated privileges, although there are currently no indications on how they are being exploited and how widespread these efforts may be. In the case of CVE-2025-24990, the company said it’s planning to remove the driver entirely, rather than issue a patch for a legacy third-party component.

The security defect has been described as “dangerous” by Alex Vovk, CEO and co-founder of Action1, as it’s rooted within legacy code installed by default on all Windows systems, irrespective of whether the associated hardware is present or in use.

New attack vectors are found constantly. Having no support can very likely result in a system that can be automatically breached in a few weeks to months.

As long as you don’t have a public IP on your device and are in a trusted network you should be fine. But if you use a public wifi or somehow expose a port to the internet you’re increasingly vulnerable for each day after the last security update.

Well, we could have found out what he did with his life if he didn’t die.

And a well respected historian and just a kid.

Certainly not good riddance.

Where I’m from there’s certificates a company can get, that confirm a certain level of process and IT security. Also a company existing for at least 5-10 years without incidents is a “vetted” company in my books. At least anything that managed to produce a working IT system before 2021 when AI came around.

I also believe there’s a bit of bad wording going on with the original comment. Take it up with that guy, lol.

This situation would have been easily preventable with basic understanding of what they’re doing is what OP is saying. This leak is not something highly complex, it is painfully stupid on the side of the developers.

There’s a difference between a hack, where data is exposed, compared to data exposure due to negligence or ignorance on the development side.

Or it gets them into a negative feedback loop since AI hardly ever tries to contradict you.

But yeah. At least they’re opening up to someone/something.

As I’ve said. Nextcloud is a great example of FOSS working out for a business, haha.

I guess we just have to agree to disagree then. Which is fine.

Your points are valid and thank you for detailing them for me. If I was in their shoes making others able to steal my IP, even if they’re not allowed due to licensing and having to deal with constant scrutiny of the source code are k.o.-criteria, which hinder the project and lead to potential revenue loss.

Well said.

Then that’s a moot point I guess, haha.

Still a great way to pay for Obsidian to support the development though.

It’s not just about syncing files. It’s also the fact I can edit stuff on my tablet and see the changes in almost real time on my laptop with Obsidian Sync. I believe most other solutions wouldn’t play nice with such a workflow.

That’s a bit naive imho. Remaining closed source is a form of IP protection and that’s really ok for what Obsidian is (a markdown editor). There’s just not any benefit for them other than appreciation from FOSS enthusiasts. Also maintaining an open source repository causes a higher workload and they lose a lot of freedom.

If privacy is your concern you don’t need source code anyway. It’s quite easy to sandbox an application like that and analyse network traffic and such. Also Obsidian is built using Electron. That means with enough motivation one could quite easily reverse engineer most of the app. Most of the applications behaviour can also be observed via the integrated dev console, which lets you view source code.

In short I don’t really see the need, unless I want to build or maintain it myself. And I think the negatives far outweigh the positives from the perspective of Obsidians team.

I don’t necessarily like a few takes in the comments here.

Vibes wise the Obsidian team seems to be great and they don’t seem to have shown any reason why I should distrust them. I love FOSS but gifting others my work doesn’t put food on my table, so in that sense they need to have a lucrative business model which they seem to have established.

I could use SyncThing, Git or other solutions to do synchronisation between my devices but I choose to buy their Sync offer, since I want to support them (they also have EU servers, which need to be GDPR compliant by law afaik).

The closest comparison I could make is NextCloud. NextCloud open sources their software, but they sell convenience. Sure, you could self host it, but paying them to do so for you may be more attractive. In comparison Obsidian is not really complicated to set up or maintain. It’s literally just a MD-editor. So the only convenient thing to sell is synchronisation if you don’t want to put a price tag on the software.

If they open source all their code, some tech wizard will implement a self hosted obsidian sync server with the same convenience as theirs in a day, and the company will lose their revenue stream.

We’ve all been burned by tech bros in one way or another, but I think it’s ok for people to profit off of their IP. And they seem to be doing so with a positive vision. Feel free to let me eat my words if they ever go rogue, but that’s my 2 cents.

The battle ended in a stalemate, but half a year later you suddenly get a +20 XP pop-up.

Agreed. It’s really shit for new code, but if I’m writing glue code stuff or repetitive code it saves a lot of time spent on typing.

Yes, I was also very surprised. The userbase is surprisingly small, even though it runs quite well.

But if I wasn’t into IT, I’d probably have run into issues that I wouldn’t be able to fix. Just little things like proper directory permissions, ownership and such.