| 1 |
On Wed, Apr 1, 2020 at 8:18 PM Alessandro Barbieri |
| 2 |
<lssndrbarbieri@×××××.com> wrote: |
| 3 |
> |
| 4 |
> I have concerns about the inclusion of zoom in ::gentoo. For me it's more like a malware. |
| 5 |
> From the hacker news feed you'll find out that: |
| 6 |
|
| 7 |
I guess we could stick an einfo in the post-install messages, but if |
| 8 |
you're joining a zoom meeting are you going to be any more secure if |
| 9 |
you manually install the files instead? I can't imagine that people |
| 10 |
are going to stop attending meetings just because they picked the |
| 11 |
wrong software to host them. Plus a few of those concerns apply to |
| 12 |
MANY packages - such as a lack of end-to-end encryption, or ever |
| 13 |
having had a zero day. |
| 14 |
|
| 15 |
I'm not intending to endorse Zoom here, but Gentoo isn't really |
| 16 |
intended as a purist distro that will never include a package if it is |
| 17 |
associated with a service that might collect user data and so on. In |
| 18 |
fact, we have many packages with these associations. Ultimately users |
| 19 |
can decide what they want to run, and we're just providing the files |
| 20 |
in the most convenient and secure manner possible. For example, when |
| 21 |
the zero day is fixed if you're using Gentoo you'll benefit from our |
| 22 |
security policy, while you would not if you had just manually |
| 23 |
installed some files/etc... |
| 24 |
|
| 25 |
-- |
| 26 |
Rich |
Archives