• joborun@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    6
    ·
    1 year ago

    I hate to burst your bubble but when it comes to 6-7digits of cash at stake what does “trustworthy” even mean? You mean between millions and his word to you he will choose his word? His previously stated values and principles?

    The guy who made waterfox seemed pretty nice, friendly, committed to the cause, then sold the project to a data-miner, and so did the honest people who made startpage, the trustworthy privacy minded search engine? Now they see waterfox is independent again and not part of the big multi-natinal data miner.

    Mozilla once again made a sudden change that breaks your previous profile or other functionality and if you dare roll back the upgrade your profile has been ruined in transition, so you are forced to start from scratch reconfiguring, setting up you std tabs, bookmarks, history … Same stuff with TB, addons/plugins disabled, new “features” added, whether you trust them or not, added dependencies … you roll back you lose.

    The google chrome-engine is so intrusive in the way it runs, degoogled or not, it is hell to have on a system. Maybe inside a vm without anything else other than specific browser session may be ?ok? for fluff work, nothing private I hope.

    The naivity of people to accept and sometimes welcom large corporations producing FOSS is what got us to this mess, and I don’t mean users, but devs, distro managers, … if it is legally FOSS it is OK, even if it is a huge trojan horse manufactured by corporations to penetrate an other wise safe and secure system. FOSS - no corporate involvement - may be it, but will it boot? LinFound. gets millions and millions to have board seats to influence kernel, and it seems to be dancing with their wishes.

    • EthicalAI@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      I think FOSS is enough because as long as you can fully read the code, it can be audited and even forked to remove BS. So I’m fine with companies developing FOSS. I don’t even really care about EEE. We can always maintain a fork of the standard at the moment you fucked with it. We can even still get your upstream changes just with the shit cherry picked out! It’s always a win.

      • joborun@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Have you audited any of it? Would you like to try gcc or systemd for that matter? By the time you go through 1% of it the code has changed already. How many times in the past years has tremendous security breaches been caused by FOSS and was discovered months after it was in effect, and some of this by coincidence, or corporate teams that review code.

        • EthicalAI@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          The fact I haven’t doesn’t mean I can’t read auditors who have, who do keep track of these changes. Zero days are usually caused by things no one noticed, not things that were intentionally added by corporate overlords to spy or back door a FOSS app.

          • joborun@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Speck was pushed and provided by Google to linux, they added the content to the kernel having your naive belief, it was later found containing a backdoor to ALL systems, and Google raised their hands up and said it was passed to us by NSA. Is this what happened? Or did I dream all this up?

            Facebook provided 0 FOSS, not a bit, suddenly they make an algorithm they “bought” including the author, and make it foss, to build it it needs google software, like a bush fire more than half of distributions adopt it and all data provided as comparative to xz are false, based on poor use of xz to make zstd appear better, while still admitting zstd can never attain the level of compression, but it is fast (ONLY when xz is run on a single thread while zstd is multithread by default). They claim xz sums are different when run on 1 cpu or many, still not true.

            Just wait for that bomb to explode, the guy who wrote the code for zstd doesn’t seem possible to have enough knowledge to write it, he appears as a front for something.

            Things that smell like shit don’t have to be actually tasted to be called shit.