What should compel anyone to trust them in the first place? Seems like the balls in their court to figure out how to regain trust.
edit:
>When we started Kite, we were excited about the possible benefits of internet-connected programming. We were also well aware of the privacy and security concerns some people would have.
So their approach is going to continue being to ignore what they did and pretend they're cool now. Alright, well you can download the maybe-malware if you want, I'll stay as far away as I can from this company myself.
I feel like the answer to your question is implicitly that there is nothing they can do. they're "cancelled". Even a personal apology (with supporting documentation) would be ignored, since you don't care about the product anyway. Is this true?
I mean, I don't necessarily disagree with you, they have to regain trust, but at some point you have to be open to it.
No, but they need to explain what went wrong to cause them to think what they did was okay, and why we should believe it won't happen again, at a minimum. If they have no integrity, and hijacking an open source project certainly is sending that message, then I can't imagine what other incentives would stop them from abusing my trust in them for their gain.
I would like something like this, but they need to address this more thoroughly. It's not just a footnote.
>Trust but verify.
What does that actually mean? If I verify, then did I trust?
I don't want to verify, but if they expect us to be doing that work for them they sure as hell need to open source it.
edit:
>When we started Kite, we were excited about the possible benefits of internet-connected programming. We were also well aware of the privacy and security concerns some people would have.
So their approach is going to continue being to ignore what they did and pretend they're cool now. Alright, well you can download the maybe-malware if you want, I'll stay as far away as I can from this company myself.