>>>>> On Thu, 02 Apr 2020, Rich Freeman wrote: > I guess we could stick an einfo in the post-install messages,
Not sure if that's necessary. Zoom is a proprietary, closed-source, fetch-restricted package, so users should know that they cannot expect the same level of quality as for free software. (In the default configuration, it is license-masked, so users must explicitly unmask it before installation.) > but if you're joining a zoom meeting are you going to be any more > secure if you manually install the files instead? I can't imagine that > people are going to stop attending meetings just because they picked > the wrong software to host them. Plus a few of those concerns apply to > MANY packages - such as a lack of end-to-end encryption, or ever > having had a zero day. > I'm not intending to endorse Zoom here, but Gentoo isn't really > intended as a purist distro that will never include a package if it is > associated with a service that might collect user data and so on. In > fact, we have many packages with these associations. Ultimately users > can decide what they want to run, and we're just providing the files > in the most convenient and secure manner possible. For example, when > the zero day is fixed if you're using Gentoo you'll benefit from our > security policy, while you would not if you had just manually > installed some files/etc... +1 Ulrich
signature.asc
Description: PGP signature
