So I’ve been using Rustdesk with a self hosted server for business and personal use now for some time. However, it is definitely the sketchiest foss software I’ve used. It seems to be based in China but the developers keep lying and saying its in Singapore.
Here is a list if everything I’ve found:
https://www.reddit.com/r/selfhosted/comments/14kjvkg/community_consensus_on_rustdesk_with_all_the/
https://github.com/rustdesk/rustdesk/discussions/1159
https://www.reddit.com/r/rustdesk/comments/y230hf/my_rustdesk_client_try_to_communication_with/
https://www.reddit.com/r/selfhosted/comments/10ppntj/reminder_about_the_shadyness_of_rustdesk/
https://www.reddit.com/r/selfhosted/comments/uurta8/_/
It seems that now the clients and OSS server are completely foss which is good. They also no longer have public servers in China according to them. In the client itself it also now has better defaults so you are less at risk of getting attacked.
It still is sketch but it now is slightly less sketch I guess? Either way its not ideal.
Seriously, if you make the effort to create a big piece of software and then you open source it and then someone opens a ticket in GitHub asking you those questions, how would you feel?
Because neither “what is the source of the software” nor “potential influence by the CPP” has anything to do with the software itself.
You are free to conduct a security audit of the project and based on the results you can open this thread but saying that they have deleted issues opened on their GitHub page that have nothing to do with the software itself is a pure form of witch hunt and I am genuinely surprised how many people have agreed with you.
Deleting issues shouldn’t even be allowed. You can just close the issues are irrelevant and ignore them.