Re: How secure is an installation with with no non-free packages?

To: debian-security@lists.debian.org
Subject: Re: How secure is an installation with with no non-free packages?
From: Marko Randjelovic <markoran@eunet.rs>
Date: Wed, 2 Oct 2013 16:38:41 +0200
Message-id: <[🔎] 20131002163841.0729e9ad@eunet.rs>
In-reply-to: <523239B3.7090702@gmail.com>
References: <523234F5.1090002@riseup.net> <523239B3.7090702@gmail.com>

> I can't speak to those packages specifically but I think the answer
> you'll get from most people, especially in this community, is that
> non-free software is inherently insecure because you can't know
> exactly what it is doing. Thus, a fully free system such as Debian
> with only main enabled or Trisquel or so is, in principle, more
> trustworthy than any system running non-free code.

There is a fairy tail called "Dark County". Some travelers came into
dark county where nothing could be seen. They felt stones on the ground
and heard a voice: "it you take you will regret, if you do not take
you will regret". Some of them took the stones, some of them did not.
After they got out, they saw it was precious stones and those who
didn't take regretted because they didn't take and those that took
regretted they didn't take more.

I am not telling this story because I think Intel/AMD microcode is
precious, but to stress how bad is when you do not know what you are
dealing with.

-- 
http://mr.flossdaily.org

Reply to:

Prev by Date: Re: [NodeJS NPM] security concerns
Next by Date: Security updates realized by new releases, case for backports?
Previous by thread: Re: [NodeJS NPM] security concerns
Next by thread: Security updates realized by new releases, case for backports?
Index(es):
- Date
- Thread