Privacy/Freedom/Security/Transparency

  1. The acquisition of RedHat by IBM worries me as a European. Not only because of the “cloud” focus and the collaboration with Google & Microsoft (there’s a redhat - tweet), but also because of IBM itself and its proven role in PRISM. Can the Fedora project be trusted despite this acquisition? Who has the last word - Fedora or IBM/RedHat?

  2. The OS seems to be technically secure, but the web is not. How is this gap - also in connection with a browser - filled? I’m not talking about code here, but in Stallman’s spirit about privacy and thus freedom and thus actual security. You can see this question in connection with Fedora’s Chromium Browser, which offers VAAPI support, but is in no way “ungoogled”. And also Firefox is - without the corresponding user.config - a telemetry monster which even used telemetry, if telemetry is activated or deactivated. Data will also be sent to Google by default if various security settings are not deactivated. Then you have to deal with 2 policies: Mozilla and Google. So why not ungoogle your own Chromium Fork? Does Fedora (not IBM/RedHat) has a deal with Google (like EndlessOS which now shows more than clearly how run-down linux can be in our times)?

  3. In general I noticed that other privacy/security aspects are not discussed in Fedora forums. A question about how Quo Vadis certificates can be desitrusted (not only in the browser but system-wide) was simply not answered. Intended or not?

  4. Why is there no reporting of such incidents as Quo Vadis? The normal user (people like me) should also be informed by Fedora, including appropriate steps for the OS. A corresponding category in a Fedora blog would be enough. But there is no corresponding category (privacy/freedom/security) here either.

  5. Despite massive concerns, Fedora Silverblue is the best I’ve come across so far. Which divides the feeling of “having arrived” even more (due to the legitimate concerns).

It would be a lot more to write, but it’s enough. English is not my mother tongue, so I apologize for any grammatical mistakes. You know what I’m writing about. This is not primarily about code and coders, but about the ethical side. And this should not be forgotten by the coders. After all, the coders, not the managers, have the power. Without intelligent coders, every manager is nothing.

And without an ethical coder, the end-user’s rights are violated.

These issues should not be discussed away. And that’s the difference between “free software” & “open source” - their community only care about the code and leave out everything else that leads to catastrophes, as Snowden clearly pointed out. Without unethical coders, PRISM, upstream & co. would not be possible. Which side is Fedora on?

Especially as far as the future is concerned. The US government is a big customer of RedHat/IBM, that is no secret. Why should this not worry me as a European Fedora end-user, given the facts presented years ago and the aggravation of these facts (now as in the near future) ?

that’s it.

1 Like

Disclaimer: I’m not part of the Fedora team, so this is basically outsider observations.

A lot of Fedora devs are at Red Hat, but Fedora is still technically operated independently. Also, IBM has promised thus far that they’ll keep Red Hat mostly independent, and considering how much they spent on it, I doubt they’re planning on botching it. They essentially spent like a quarter of their net worth to buy…an ecosystem.

Also, collaborating with another company isn’t really so terrible… From a technical standpoint, Google and Microsoft have absolutely fantastic cloud services.

Going to guess it’s simply because this would take quite a bit of effort for something most users don’t care about. If they really want the privacy, they’ll probably know how to go into Firefox and toggle what they need to. You could also always install GNOME Web or another browser as well.

Again, not part of the Fedora team, but really the entire Quo Vadis incident was highly exaggerated, and distrusting random certificate providers is likely going to lead to more problems than it’s worth. In addition, most people with these concerns would probably be following the EFF anyway.

If I work as a cashier at Walmart, and I sell some really sketchy person water bottles, that doesn’t mean I support what they’re doing, nor does it mean that I’m going to quit my job and go with them to live the high life (pun intended). If anything, having an FOSS-focused company providing software to the government is a good thing, since I’d rather they run on an open platform than a closed one.

maybe you don’t have a problem with google, & co. & collaborating with questionable companys. that makes us very different.

i think these companys/people try to subvert FOSS. with success. free software & open source has become a big business, so i would remove the F in FOSS and call it OSS in this context.

companys like microsoft, facebook and google are proven to be a danger for the end-user and if one hasn’t slept the last few years, one knows that. this also applies imho to ibm. sorry.

and the cloud - focus goes imho to a wrong direction. offline - capacities have to be expanded, not the upload of personal data to strange server(s) out there (especially without active user - involvement resp. user - knowledge). there is no such thing as a “cloud”, which richard stallman clearly pointed out.

it sounds good, that’s all.

but of course, the cloudy cloud, a “good” idea, practical too (i also use tresorit myself and therefore eu-based ms-azure servers; encrypted - why? because of my limited offline-ressources & because of my own convenience-parameter, the biggest evil of all). but in times like these (also in times of universal quantum computers (yes, ibm again)), everything is a threat and nobody/nothing can be trustet. based on facts presented by snowden & other us-whistleblowers and based on our new technology.

it-affine people and above all coder must know all that. it’s their work ;). not the work of “a politician” or “a company”. it’s about people. it’s about coder. they do it - in the end. always.

but everything still goes on as if nothing had happened and as if nothing would happen. that confused me, but we have here in the eu (you know it) now additional (only momentary bigger) problems with the eu - copyright - reform. it never ends.

one just have to learn to say “no”. the current situation reminds me of this (never gets old) experiment: obedience .

and a really funny link (with serious background): programmers_are_evil() .

silverblue - a “newer approach” - relativizes some of the problems mentioned in the last video; therefore: “new” is not always “bad” & “bloated”. the opposite is also possible. i’m concerned about another point mentioned in the video.

however, my anger has gone, silverblue runs and runs and runs, your help was and is perfect, i’m not banned here despite the first angry post, fedora is awsome.

so a complete inner - disruption, which only becomes a unity by believing in the good in humans. milgram’s experiments have shown that as well (even if only to a small extent). but as long as potential is there, nothing is lost. i’m done with this topic and no don quichotte; other work to do. my work (on the system).

ps: i wrote an email to chris titus tech, he should try awsome silverblue and make a video of it. let’s see what happens. i see the future happen, every day when i start the system.

hopefully it will be a future that respects the privacy - rights of the end-user to 100%. which will become difficult with various partners. but it’s not impossible. it is up to you people to say “no” at a certain point.

just like - some - probands in milgram’s experiment. do no evil©. even if the big money comes along.

noe

2 Likes