[cooperation-wg] Cyber Resilience Act effects on OSS on agenda of open source-wg
- Previous message (by thread): [cooperation-wg] Minutes of RIPE85 Cooperation WG session
- Next message (by thread): [cooperation-wg] Cyber Resilience Act effects on OSS on agenda of open source-wg
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Niall O'Reilly
niall.oreilly at ucd.ie
Thu Nov 10 19:41:21 CET 2022
[no hat] On 31 Oct 2022, at 10:14, Alessandro Vesely wrote: > What software would you use, a fully certified, professional OS, or a run-at-your-risk > product by hobbyists who are exempted from security regulations by a compassionate > exception to the Cyber Resilience Act? I don't understand what the point of this (perhaps rhetorical) question is. In a former day-job, I've had to deal with a "professional" Linux distro, whose provider was so risk-averse, and who operated such an ossified acceptance process for integrating upstream FOSS packages, that the distro was operationally unfit for purpose unless I chose to do without the "protection" supposedly provided by the "professional" packaging. I also know some hobbyists whom I would trust with my personal physical safety, or even my life. The only thing one can be sure of with certification is that the holder of a certificate managed to pass the test. https://dilbert.com/strip/2000-08-31 Best regards, Niall
- Previous message (by thread): [cooperation-wg] Minutes of RIPE85 Cooperation WG session
- Next message (by thread): [cooperation-wg] Cyber Resilience Act effects on OSS on agenda of open source-wg
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]