Comment by sarakayakomzin

> If you're not reading all the source of everything you're running, any or all of it it absolutely could be reporting usage/stats/your data to a "mothership".

there's a big difference in threat vector between one mothership and 200.

Just because there's no single central org involved doesn't make it safe.