this post was submitted on 04 Nov 2024
145 points (100.0% liked)

Technology

37735 readers
45 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

cross-posted from: https://feddit.org/post/4415864

The petitioner calls for the European Union to actively develop and implement a Linux-based operating system, termed ‘EU-Linux’, across public administrations in all EU Member States.

This initiative aims to reduce dependency on Microsoft products, ensuring compliance with the General Data Protection Regulation (GDPR), and promoting transparency, sustainability, and digital sovereignty within the EU.

The petitioner emphasizes the importance of using open-source alternatives to Microsoft 365, such as LibreOffice and Nextcloud, and suggests the adoption of the E/OS mobile operating system for government devices. The petitioner also highlights the potential for job creation in the IT sector through this initiative.

[Edit typo.]

you are viewing a single comment's thread
view the rest of the comments
[–] IrritableOcelot 1 points 2 weeks ago (1 children)

Sure the threat model is different, I'm just saying it's still a single point of failure.

[–] millie 1 points 2 weeks ago* (last edited 2 weeks ago)

It's not, though. It's a much wider potential for failure, as there are a great number of dependencies that are often left to individual developers to maintain. That may be a somewhat reasonable amount of risk when you've got multiple options for dependencies and no major target, but when the entire EU relies on single individual maintainers? That's a massively exploitable threat vector. It would be absurd to assume no one will take advantage given what we've already seen.

It would be an extremely foolish move to put the whole EU's security on one single set of open source dependencies. Microsoft at least has a financial and legal incentive to try to prevent straight up breaches by state actors, shitty as they may be. There's no such resource allocation or responsibility when it comes to open source repos.

Push a switch to Linux, by all means, but security monoculture is as big a mistake as putting your eggs in any other single basket, especially one as exposed as one single distro.