So I’ve been using Rustdesk with a self hosted server for business and personal use now for some time. However, it is definitely the sketchiest foss software I’ve used. It seems to be based in China but the developers keep lying and saying its in Singapore.
Here is a list if everything I’ve found:
https://www.reddit.com/r/selfhosted/comments/14kjvkg/community_consensus_on_rustdesk_with_all_the/
https://github.com/rustdesk/rustdesk/discussions/1159
https://www.reddit.com/r/rustdesk/comments/y230hf/my_rustdesk_client_try_to_communication_with/
https://www.reddit.com/r/selfhosted/comments/10ppntj/reminder_about_the_shadyness_of_rustdesk/
https://www.reddit.com/r/selfhosted/comments/uurta8/_/
It seems that now the clients and OSS server are completely foss which is good. They also no longer have public servers in China according to them. In the client itself it also now has better defaults so you are less at risk of getting attacked.
It still is sketch but it now is slightly less sketch I guess? Either way its not ideal.
I am not Chinese, I am born and raised in the EU and I am Caucasian.
I am just irritated that FOSS software is being questioned just because it might have been developed by Chinese programmers.
And for the record you can’t be sure that any commercial software isn’t compromised or it doesn’t have backdoors, it just makes detecting those backdoors a lot harder.
Foss from places with known APTs are more secure than non-foss too personally. It would be daytime robbery compared to an inside job to implement spyware. It’s been done and should be monitored for though.