this post was submitted on 24 Oct 2024
1059 points (96.9% liked)
Technology
I’ve worked side by side with RU devs who were both personable and damned competent. Never were their tech skills in doubt, and I retain quite a bit of respect for those individuals.
I’d not do the same today explicitly because of the political and compliance implications. It’s unfortunate, but necessary.
Again, with open software that is not necessary... If we get to believe that argument, those potential "FSB" coders would be the ones who would notice if the CIA was trying to place a back door in the kernel too. Open Software is OPEN!!
Would they? The XZ utils backdoor was only discovered by what can only be described as an insanely attentive developer who happened to be testing something unrelated and who happened to notice a small increase in the startup time of the library, and was curious enough to go and figure out why.
Open does not mean "can't be backdoored".
Can you explain to me why Linux waited till the very last moment of the Executive Order 14071's grace period (the order is from April 2022!) to apply it? Obviously he trusted those people, or the verification system of the open system! Imagine you don't like a political party for bad... fair enough, so you ban their representatives from the voting table... don't you think that incentivizes the other party to commit fraud? In these open system things, the more eyes the better, I don't care if commies, libertarians, ultra-right or whatever, the diversity is what keeps it in check.
Slow walking compliance is normal. It keeps assets liquid and processes & people in place as long as possible before making changes. It also prevents the cost of changing back and forth if a new rule is struck down before its final date.
What will happen often is that a compliant procedure will be developed as soon as possible, but no changes will be made until absolutely necessary. That gives the organization maximum time to figure out other routes of compliance, fight the rule and continue at pace before they change.