Top 10 Trust Open-Source Projects

Ockam

76 4,341 10.0 Rust

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

Project mention: Tunnelmole, an ngrok alternative (open source) | news.ycombinator.com | 2024-03-21

disclosure: I work at Ockam.
The Portals for Mac app is an example of the type of thing you could build using the open source stack of protocols. The README (linked by parent) links out to all of the relevant parts of the protocol documentation to explain how these work together. The NAT Traversal (https://github.com/build-trust/ockam/blob/develop/examples/a...) part of the README is probably the best explanation of why the free relay you get via Ockam Orchestrator is a useful part of this demo.
As for why would anyone trust this: The protocols are designed so you absolutely don't have to trust the relay. Trust is pushed out to the edges that you control and so you're not susceptible to a MITM attack if something like a relay is compromised. The protocol design for all of this is open and documented, and was independently audited by (IMO) some of the best in the business, Trail of Bits: https://docs.ockam.io/reference/protocols.

Docker

4 3,177 2.5 Go

Notary is a project that allows anyone to have trust over arbitrary collections of data
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
cargo-crev

55 2,025 7.9 Rust

A cryptographically verifiable code review system for the cargo (Rust) package manager.

Project mention: Hard disk LEDs and noisy machines | news.ycombinator.com | 2024-01-05

In other cases it may be more documented, such as Golangs baked-in telemetry.
There should be better ways to check these problems. The best I have found so far is Crev https://github.com/crev-dev/crev/. It's most used implementation is Cargo-crev https://github.com/crev-dev/cargo-crev, but hopefully it will become more required to use these types of tools. Certainty and metrics about how many eyes have been on a particular script, and what expertise they have would be a huge win for software.

noscript

59 781 8.0 JavaScript

The popular NoScript Security Suite browser extension.

Project mention: What It's Like to Use Apple's Lockdown Mode | news.ycombinator.com | 2024-01-02

jail-monkey

2 545 0.0 Java

A React Native library for identifying if a phone is rooted or mocking locations
cothority

2 421 0.0 Go

Scalable collective authority
insolar

0 188 5.1 Go

Enterprise-ready blockchain platform
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
simpleoptout

6 142 5.6 Shell

Deep links to opt-out of data sharing by 100+ companies.

Project mention: Did you turn off Google activity tracking? | news.ycombinator.com | 2024-03-10

If you're in to disabling stuff that you'd never intentionally enable, I've got a much longer list here: https://simpleoptout.com/ (HN discussion from 2019: https://news.ycombinator.com/item?id=18975189).
Google search history/customization: https://simpleoptout.com/#google
YouTube watch history & search history: https://simpleoptout.com/#youtube

gov4git

2 133 9.6 Go

Decentralized governance for Git communities
angelos

1 4 1.8 Cython

Angelos is a safe messaging system.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-03-21.