Do you trust a chinese Linux distro?
-
From 'Daily Insider', Monday, May 22: deepin Linux V23 can replace Windows 11 on your PC I read it until sentence 2, If you are dissatisfied with Windows 11 or macOS, and intrigued by Linux, deepin, a distro from China,.... Well, enough reading this article and closed the tab. Sorry but I don't trust a Chinese distro.
Behzad
As I already answered there[^]
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
From 'Daily Insider', Monday, May 22: deepin Linux V23 can replace Windows 11 on your PC I read it until sentence 2, If you are dissatisfied with Windows 11 or macOS, and intrigued by Linux, deepin, a distro from China,.... Well, enough reading this article and closed the tab. Sorry but I don't trust a Chinese distro.
Behzad
No. More specifically, I trust the people but not the CCP government that forces the people do certain things. Everyone knows the story of the boy who cried wolf, yet few people learn the lesson behind it. Their track record doesn't lend itself to blind trust.
Jeremy Falcon
-
Not without a full security review of every line in the code. Which ain't gonna happen.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
Daniel Pfeffer wrote:
Not without a full security review of every line in the code.
Direct quote from an acquaintance of mine back in the 90s: "That's the beauty of open source! You can read it and make your own changes!"
Daniel Pfeffer wrote:
Which ain't gonna happen.
Pretty much my response. I've got my hands full already with my own code and need to focus on that.
-
From 'Daily Insider', Monday, May 22: deepin Linux V23 can replace Windows 11 on your PC I read it until sentence 2, If you are dissatisfied with Windows 11 or macOS, and intrigued by Linux, deepin, a distro from China,.... Well, enough reading this article and closed the tab. Sorry but I don't trust a Chinese distro.
Behzad
-
No. More specifically, I trust the people but not the CCP government that forces the people do certain things. Everyone knows the story of the boy who cried wolf, yet few people learn the lesson behind it. Their track record doesn't lend itself to blind trust.
Jeremy Falcon
-
Daniel Pfeffer wrote:
Not without a full security review of every line in the code.
Direct quote from an acquaintance of mine back in the 90s: "That's the beauty of open source! You can read it and make your own changes!"
Daniel Pfeffer wrote:
Which ain't gonna happen.
Pretty much my response. I've got my hands full already with my own code and need to focus on that.
Yeah, very few people are capable of understanding that code, nevermind putting in the time to read millions of lines of complex code and figuring out what each of them does.
-
I'm not even sure I trust the people. Chinese culture simply doesn't include the concept of private property. They have "private property" but from a cultural standpoint, it has no real meaning.
Your Apple phone isn't yours either. Apple decides what happens to it. Microsoft decides what happens to your Windows machines. Etc. And they will sell your data to the highest bidder, as does every other company, while the NSA has backdoors into pretty much everything, with or without cooperation from the tech companies.
-
Yeah, very few people are capable of understanding that code, nevermind putting in the time to read millions of lines of complex code and figuring out what each of them does.
-
...and then, some bugs are so subtle even experienced developers might not catch them *knowing* there's a bug and staring at the code.
And then, do you trust the compiler? A long time ago there was a proof of concept where someone had modified a gcc compiler to that if it compiled a linux kernel it would insert a backdoor in the logon process, and if it compiled a gcc compiler, it would insert the code that would make the compiler do this. I wouldn't necessarily trust a Chinese distro any more than I would trust an American distro or Windows or Mac OS or a Cisco firewall. Imo, if an agency like the NSA or their Chinese equivalent wants in on your network, they have the resources to do so regardless of what you are running.
-
And then, do you trust the compiler? A long time ago there was a proof of concept where someone had modified a gcc compiler to that if it compiled a linux kernel it would insert a backdoor in the logon process, and if it compiled a gcc compiler, it would insert the code that would make the compiler do this. I wouldn't necessarily trust a Chinese distro any more than I would trust an American distro or Windows or Mac OS or a Cisco firewall. Imo, if an agency like the NSA or their Chinese equivalent wants in on your network, they have the resources to do so regardless of what you are running.
Bruno van Dooren wrote:
Imo, if an agency like the NSA or their Chinese equivalent wants in on your network, they have the resources to do so regardless of what you are running.
It's also cheaper to just break down your front door. [xkcd: Security](https://xkcd.com/538/)
-
Bruno van Dooren wrote:
Imo, if an agency like the NSA or their Chinese equivalent wants in on your network, they have the resources to do so regardless of what you are running.
It's also cheaper to just break down your front door. [xkcd: Security](https://xkcd.com/538/)
And beat me with a rubber hose until I log in as a domain administrator in my company. I know. But that is visible and will trigger a response to the breach. Siphoning away our data without anyone noticing is where the game is at.