this post was submitted on 07 Jul 2023
75 points (82.6% liked)

Linux

48372 readers
1739 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

OpenKylin is already starting to be implemented on government systems and private companies all around China.

Edit: This is what was written on the website.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 16 points 1 year ago (1 children)

Xenophobic fearmongering serves nobody.

Should we also avoid the Linux kernel, since it's Finnish, and Finland participates in the largest global surveillance apparatus with the USA? There's absolutely no reason to assume the distribution is any less secure or any more likely to be malicious simply due to it being developed in China or by Chinese.

Moreover, it's open-source. Use the same logic you should apply to open-source software before you accuse it of being malicious: look at the code and prove it.

[–] [email protected] 4 points 1 year ago (1 children)

That's fair.

Worked on by over 3,000 developers, 74 SIGs (special interest groups), and over 200 enterprises, openKylin has come a long way since its early releases.

74 SIGs (special interest groups), and over 200 enterprises

This is the only thing from the article that bothers me. My statement above was not meant to come across as xenophobic, but wary considering, historically, how involved China's government is with local tech companies and entities that would contribute to a project like this. Obviously, more data needs to be evaluated, but I think it's fair to be cautious.

[–] [email protected] 12 points 1 year ago

My statement above was not meant to come across as xenophobic, but wary considering, historically, how involved China’s government is with local tech companies and entities that would contribute to a project like this.

This right here is where the problem is though. Simply being associated with the Chinese governement is not sufficient to assume malfeasance. Just as any of the large USA tech giants that take various forms of government funding aren't automatically assumed to be malicious simply by being associated with a "malicious" government. Hell, the Linux Foundation (Linus' employer) is almost entirely funded by really creepy USA-based tech companies that themselves receive government money for various projects or products. I don't assume baselessly that Linus would make the distribution insecure simply because he's funded by people who might want that.

Obviously, more data needs to be evaluated, but I think it’s fair to be cautious.

It is only fair to be exactly as cautious as you would be to run any other random Linux distribution: say, some random person's fork of Debian. Again, unless you have actual reason to treat it differently, doing so baselessly is rather lame and doesn't serve anyone. Of course it's fair to be catious of something as critical as an operating system; but viewing it through a biased lens doesn't make you more secure.

SIGs (special interest groups)

I'm not sure the precise definition for what counts as an SIG here, but it could mean something analagous to the Linux Foundation. It isn't necessarily suspicious. I think, from context, it's used in contrast to "enterprises"; that is, I take it to include any volunteer or not-for-profit contributions.