Open source (as the term is usually used) is not technically necessary. You could have proofs about native binaries, too. The real distinction is between software you have the code for (the running code, not necessarily the source code) - and software that runs out of your control, you don’t know its code, and you communicate with it remotely.
Sandboxes are good but suffer from the “boxed AI” problem, so it’s nice to have defense in depth.
Open source (as the term is usually used) is not technically necessary. You could have proofs about native binaries, too. The real distinction is between software you have the code for (the running code, not necessarily the source code) - and software that runs out of your control, you don’t know its code, and you communicate with it remotely.
Sandboxes are good but suffer from the “boxed AI” problem, so it’s nice to have defense in depth.