I am an old mainframe guy. I could give you my COBOL deck of cards or the compile listing. You could pour through the code looking for nefarious/malicious code. I then hand you the object deck. You have no idea if it matches the code you looked at. The only way you could be sure is to compile the code I gave you and use your own object deck.
So why is open source these days such a beneficial thing? DeepSeek may be open source but I have no way to create my own executable. Besides, I don’t know what language it is written in but I bet I have no expertise in it. No way to for me to identify nasty code. Yes, many people may have reviewed the code but that does not mean what I am running is the result of that code.
