On 13.4.2022 08:04, David Bold wrote:
It seems I must be missing something? Why should we not care about a
significant number of our users, just because other OSs have more users?
Could you explain that?
First of all this is not significant number of Fedora's users ( or in
the overall desktop ecosystem ) and secondly as David Cantrell already
pointed out downstream distribution should not be expected to jump
through hoops to support hardware vendors that are unwilling to
participate in the open source Linux ecosystem.
The consumers of such hardware vendors should either stop buying their
hardware ( like I did decades ago ) or contribute to opensource projects
that provide the required support to be able to use that hardware.
And the idea that has been circulated that Fedora is supposed to be
building third-party kernel modules ( since this security nightmare is
being opened why limit it only to nvidia ) and *signing them* without
being able to validate the content it is building is a security risk [1]
that affects all Fedora users regardless if they use a third party
module or not, is just outright ridiculous both from a security point of
view as well as it will hinder participation on the projects that are
trying to provide an opensource alternatives.
JBG
Ps. cc-ing devel list.
1.
https://www.bleepingcomputer.com/news/security/malware-now-using-nvidias-stolen-code-signing-certificates/?s=09
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
