Arch Linux is open source which makes a huge difference. Idk about nginx tho
Comment on Kaspersky's iShutdown Tool Detects Pegasus Spyware and Other Mawlare on iOS Devices
stardreamer@lemmy.blahaj.zone 5 months agoOut of curiosity what do you think of Nginx, which used to have its main offices in Russia (that also got raided by Russian police) or Arch Linux, where one of the main packagers (up to 30% of official packages) is managed by Felix Yan (which I believe is a Chinese citizen)? Where is the line drawn? Is it only for profit companies, security software, or something specific?
Supervivens@lemmy.world 5 months ago
stardreamer@lemmy.blahaj.zone 5 months ago
Nginx is 2-clause BSD, which I would argue is more “Open Source” than Arch Linux (official repo contains proprietary components such as discord, steam, multimedia codecs). You could argue that the majority of it (and it’s build system) is open source, but probably not “Arch Linux” is fully Open Source.
BassTurd@lemmy.world 5 months ago
Both examples you listed are open source, so anyone can review their code. No government can dictate what gets published to the code, and if they can, it will be noticed and get forked.
stardreamer@lemmy.blahaj.zone 5 months ago
This probably sounds pedantic but based on this the issue isn’t that the software is Russian. It’s that the software is under the regulation of an authoritarian government (which is Russia)
gravitas_deficiency@sh.itjust.works 5 months ago
Precisely. If kaspersky were 100% open source, I would not have said what I did. But it’s closed source, and it’s owned by a Russian company, subject to Russian laws, and Russia is a authoritarian state, hostile to most of the world at this point - either directly or indirectly - so one would be forgiven for assuming the worst, in terms of what was put in the code at the FSB’s behest.