Editors note: This article was originally published in July of 2022. It has since been updated and expanded.
Many people have expressed concerns on the closed source development of the Obsidian application. Obsidian is a wonderful application used by people all over the world, and the concern is understandable. Why isn’t Obsidian open source?
Why Do We Care?
One of the core ideas behind Obsidian is the open format of the application. Obsidian uses markdown both in the app and behind the scenes, which means that you’re never tied to the app itself: you could open your Obsidian Vault in any application that supports plain text or markdown. Obsidian adds lots of bells and whistles on top of that format, but in theory you could open your vault in any text editor.
The open format of Obsidian is very important to them. The CEO of Obsidian, known as Kepano, says this:
File over app is a philosophy: if you want to create digital artifacts that last, they must be files you can control, in formats that are easy to retrieve and read. Use tools that give you this freedom.
File over app is an appeal to tool makers: accept that all software is ephemeral, and give people ownership over their data.
In the fullness of time, the files you create are more important than the tools you use to create them. Apps are ephemeral, but your files have a chance to last.
Kepano on X
That’s important, because applications die all the time. For example, the Atom text editor recently was retired, after it was purchased by Microsoft.
But Atom is an Open Source text editor, which means technically the community could carry on the development on their own. And downloads will continue to be available as long as Github is around. It gives people a sense of control that is lacking in close-sourced applications, and I think that’s why there’s concern surrounding this aspect of Obsidian.
What Does Obsidian Say About It?
One of the co-founders of Obsidian, Erica Xu (referred to as Silver), has specifically addressed these concerns. Her overall points were these:
- Open source doesn’t guarantee safety without specific (and expensive) third party audits.
- Open source doesn’t mean faster development. Code review often takes longer than development.
- Open source projects don’t last forever.
- Open source requires a lot of extra effort, and the developers would rather put that effort into the app itself.
In essence, the developers aren’t interested in maintaining an open source repository. They’d rather focus on making the app as good as possible.
They have a point: I’ve maintained a few open source repositories myself, and it does take a lot of time. Many organizations have dedicated developers whose only job is take care of pull requests and process issues.
They also want to be able to support their families by making money through the Obsidian application, which could be more difficult in an open source environment.
What About Security?
The Obsidian team is correct that open-source doesn’t ensure secure software. Sure, there are more eyes on the source code, so security vulnerabilities might be caught faster. But hackers can also see the source code, so they can look for exploits more easily.
Both open and closed source software is inherently insecure, unless a lot of time is invested to make sure that it is secure.
One way to do that is to get a third party security audit, and as of 2024 Obsidian has completed one such audit (and fixed four minor issues that this audit surfaced). This is a big deal, and I’m not aware of any other note-taking app that has completed such an audit. If you want to learn more about how Obsidian protects your data, see their security page.
What About Privacy?
Obsidian has a very strong privacy policy. They state that they don’t collect any personal information unless you specifically give it to them (such as creating an account on their website or forum). The app itself doesn’t track you, and all information is stored locally on your machine.
There are specific instances where the app will connect to the internet, such as if you are installing a new theme or community plugin. But for the most part, if you’re really concerned about the privacy of your notes, you can use Obsidian without an internet connection.
There are also other ways to install themes and plugins, so the app is 100% feature complete without a connection to the internet.
Are There Open Source Alternatives to Obsidian?
There are many similar applications in the Open Source realm. So if you are concerned about the closed-source nature of Obsidian, there are other options. For example:
- Logseq. Big community, open source. But not many plugins.
- Zettlr. Small but active community. Good feature set, but no plugins, and not a very pretty app.
- Foam. Very much still in beta, and based on VS Code. It’s open source, but you also have to trust VS Code in this case, which is only partially open source (and made by Microsoft).
These are some of the best options I’ve found, but they have some major downsides. The communities are much smaller, and they don’t have the same set of robust plugins that Obsidian has. They look great for simple use-cases, but they aren’t as polished or robust as Obsidian. (and potentially not as secure, since they haven’t received third-party audits)
The lack of plugins is a big deal, because plugins are one of Obsidian’s strongest features. If you haven’t tried community plugins yet, you can learn more here. (or see Super Powers for Obsidian)
These apps all use Markdown behind the scenes though, so if you wanted to switch, you could do so at any time with minimal effort. Obsidian is no Evernote: it is built on an open format, and it doesn’t lock you into their tool. You can switch away at any time with little fuss or mess.
Personally, I think as long as the Obsidian team continues to act transparently and in good faith, I choose to trust them. However, if they ever break my trust, I will be the first to search for and use alternatives.
Leave a Reply