That Microsoft has restored WireGuard's ability to release updates is good, sure.
-
That Microsoft has restored WireGuard's ability to release updates is good, sure.
But should we really accept a situation in which Microsoft was able to take it away in the first place?
Different people will have different takes, I appreciate, but so much power concentrated in the hands of one private commercial organisation seems... unwise.
What about VeraCrypt? 🥺
-
@neil Well, you’ll only get updates of open source software as long as their are people willing to maintain it. That’s a timebomb waiting to go off and will cause problems for commercial software too…
(Point taken - will think on how to rephrase in a neutral way)… -
@neil Microsoft and Apple’s gatekeeping hasn’t been that effective in keeping malicious actors away either - there’s been at least one case of compromised signing certificates introducing malicious code. I’m not convinced that it is done out of malice or even corporate interest, I think it’s done from a place of trying to keep the integrity of software. Supply chain compromises are real and increasingly common, but I suspect a lot of the reviews of third party developers have been automated and that’s where the intransigency kicks in…
-
If you check, unsigned code will give you a warning, but you can install it.
As compared to all the npm crap that installs without warning off github.
Trying to download an update to LittleNavMap usually triggers a warning, but I trust the author far more than most random stuff on github that's signed.
-
That Microsoft has restored WireGuard's ability to release updates is good, sure.
But should we really accept a situation in which Microsoft was able to take it away in the first place?
Different people will have different takes, I appreciate, but so much power concentrated in the hands of one private commercial organisation seems... unwise.
Considering the amount of investment that American tech companies are getting from anti-democracy outfits like Koch Network and from oppressive petrostate despots, it's prudent to move away from these platforms quickly.
https://www.theguardian.com/law/2026/feb/18/international-criminal-court-icc-judges-trump-sanctions
They're private companies. There's no such thing as civil rights or fair treatment when located in a despotic regime like Trump's.
Or #PrinceBonesaw 's regime.
https://www.justiceinfo.net/en/156691-how-sanctions-can-weaponize-us-tech-against-the-icc.html
Microsoft may be forced to share user data with Saudi Arabia after investing $2B in cloud storage facility
Saudi officials announced that Microsoft has invested $2 billion in building a cloud storage facility in the kingdom. Privacy pundits are warning against what the move means for data security.
New York Post (nypost.com)
-
That Microsoft has restored WireGuard's ability to release updates is good, sure.
But should we really accept a situation in which Microsoft was able to take it away in the first place?
Different people will have different takes, I appreciate, but so much power concentrated in the hands of one private commercial organisation seems... unwise.
@neil WireGuard should boycott Macroslop now.
-
That Microsoft has restored WireGuard's ability to release updates is good, sure.
But should we really accept a situation in which Microsoft was able to take it away in the first place?
Different people will have different takes, I appreciate, but so much power concentrated in the hands of one private commercial organisation seems... unwise.
@neil Actually, here's another (related) question. In the case of an open code signing arrangement, where you are able to install your own code signing certificate authorities instead of only being able to trust the one(s) that the operating system vendor provides, how do you prevent malicious actors from installing code signing CAs that you didn't want installed, and therefore able to run untrusted (by you) code?
It strikes me that neither scheme is without its problems.
-
@neil I suspect that the majority of folk want their things to ‘just work’. It used to be if you bought software it would have undergone decent QA testing, be designed by people that understood good UI design and on the rare occasion you’d need support it would be there. I’m not sure that’s the case any more…. Is open source the answer? In some cases yes (e.g. Open Office), in others (I’d argue a lot of Linux desktops) notsomuch. Ultimately, does it pass the grandmother test - could you install something and your grandmother could use it without needing continuous handholding - if it doesn’t then it will never be widely adopted…
@foxbasealpha @neil funny enough, I’ve been recommending Linux as a better alternative for grandmas for a couple of years now
It think it works best for people who are either really into it (Linux enthusiasts) and for people with no tech literacy at all. You can set grandma up with a web browser and email program on Linux and she’ll never need OS help again. No bitlocker errors, pdf reader pop up ads, full page windows upgrade prompts, no way to stuff it up.I think where Linux can fall flat is everybody else. People who need to use specific stuff that’s not in a web browser (art, streaming have been issues for me with Linux) games outside of steam, or competitive pvp games, music production and so on.
-
@Slash909uk @neil Alas, they don't want to. For some reason they think Big Tech will save them.
It’s likely that the UK government publishes the required solution and its mandatory features. The supplier selects whichever compliant product fits within the allocated budget, provided it has a commercial support contract.
-
It’s likely that the UK government publishes the required solution and its mandatory features. The supplier selects whichever compliant product fits within the allocated budget, provided it has a commercial support contract.
@_XCM @Slash909uk @neil This doesn't seem relevant to the discussion at hand. I'm muting this conversation, now.
-
S stefano@mastodon.bsd.cafe shared this topic
