Redhat and Fedora

Then it’s not really a telemetry, it’s just local data collection that doesn’t really make sense at all.


See all that opt-in stuff might make sense on the surface, but if you dig deeper it’s by definition not safe…

I’m a bit busy this days to make full thesis, but if we keep it fast (and interesting for other people to fill in the gaps and do some research):

  1. Telemetry is a technical mechanism to collect and send your data to some other destination.

  2. It doesn’t matter how exactly it’s implemented: opt-in, opt-out, opt-sideways, plain text, encrypted, anonymized or seemingly not so harmful - it can, and i argue therefore will be used for malicious purposes.

Why?

  1. It can send such data, because mechanism for that exists in the code, even if turned off because some dev made an oopsie-doopsie or it became a policy of company to f**k with their users - you will not even know that, because absolute most people can’t physically check all of their software source code and binaries compiled by distro or whoever else all the time, and it takes only one time to loose everything.

  2. You can make an absolutely unique fingerprint of any person by just hashing 4-6 anonymous / “privacy-preserving” data points (more = better) - if that data gets in malicious hands you’re toasted.

  3. There were many real world court cases used to identify person with 100% accuracy solely by anonymous telemetry data points and unfolding identity from there, and it was done by hand forensics, this days it will take seconds using AI, and minute to verify it by human.

  4. Even now it’s easy to get some “anonymized” metadata databases of random users on clearnet in a given city, what can i say about darknet not so anonymized data sold by hackers and government employees for a quick buck, with such databases just using geotag / ip in combination with device model you can physically target anyone with 100% accuracy rate.

So it is a very complicated topic to grasp for our favorite average Joe, because he’d need a lot of knowledge and imagination to break the wall of “opt-” gaslighting.

But not very complicated to avoid - if you care about your Freedom / Privacy and if you can - do NOT use any software that has telemetry code in it. I know many might say it’s almost impossible, if possible at all…I say - boycott anyone who tries to introduce it and be aware of the risks, coz we’re living in a :clown_face: :earth_africa:.

Telemetry gives much more risks for no good reason, than anyone should take.
It can only be justified for testers / by testers, with those special bits of telemetry code inserted only in dev environment / packages, because it’s their choice / profession.

image

You can call it whatever you want, it makes perfect sense. The developer says to the user: “I would like these statistics and usage data from you so I can decide where to focus my efforts and to have a good salespitch for my investors. And I might also sell it for targeted ads… Would you send it to me?” And the user either sends this file, or deletes it. The software which collects the data has no way to send it, it’s up to the user to do it. The data is in plain text, so that the user knows exactly what is being sent.

That is the only way telemetry can be completely voluntary and cannot be abused. The developer cannot just turn it on willy-nilly, it depends on the active participation of the user.

So far the only instance of such approach i personally recall, and i assume it’s because it just weights a lot of megabytes - is full Nvidia linux driver bug-report…

But that software has another problem - it’s proprietary! :rofl:

1 Like

Maybe April’s Fool’s day news.
Suse forks RHEL, with help from Rocky.

3 Likes

SUSE offers both their openSUSE which is free and a 1:1 binary to SUSE Enterprise. They are big supporters of open source, and I like how transparent SUSE is.

They’re the 3rd longest running distro development, with only Debian (2nd) and Slackware (1st) being older.

And now, in the spirit of open source, SUSE Linux is going to fork Red Hat Linux and aid those who were slapped in the face, left stranded by Red Hat. And Rocky Linux, from the sounds of things, is joining.

Personally, I hope the fork is used as a bridge to slowly and eventually migrate together Red Hat and SUSE. I think everyone would greatly benefit if they obtained the best of both worlds. But that is, only, my opinion.

1 Like

De-centralization of Linux is both advantage and disadvantage.
When/if all Linux becomes centrally controlled, who is going to protect us from the controller?
Or, how can we control the controller?

Better poor and free, than rich in a cage. :owl:

1 Like

Oracle propose to red hat to becoming a downstream since they don’t want to pay for it :face_with_hand_over_mouth:

Finally, to IBM, here’s a big idea for you. You say that you don’t want to pay all those RHEL developers? Here’s how you can save money: just pull from us. Become a downstream distributor of Oracle Linux. We will happily take on the burden.

1 Like

I am not looking for every Linux distro to join forces under a single umbrella. I’m just looking for those poor individuals who got caught up in Red Hat’s drama to have a safe, dependable, and secure alternative to easily transition and migrate toward. But I am also a realist and suspect managing multiple distros can be time-consuming and costly, so I can easily imagine them consolidating in the future.

For Enterprise Business there is still Debian, Ubuntu, AlmaLinux (Alma Linux), EuroLinux (Euro Linux), and others. No one is going to suddenly rule the Linux echo system under a single banner.

Poor is not the most appropriate word. Some of them have become rich, selling support for a product which was completely free of charge. Not all of them are poor, if any.
Their problem is that they have to recreate their businesses from scratch, as the product they were selling was technical support (mainly).
It’s like having found a Goose :dodo: that makes golden :coin: eggs, you were enjoying free time and gold :trophy:. And now the Goose :dodo: has died, and you have to find another Goose. :swan: :duck:

It looks like both Oracle and Suse are looking to capitalize on the bad blood RH is creating and steal some market share.

5 Likes

The future of Linux is one of the greatest mysteries in our Universe.
Lots of enemies want it dead.
Lots of enemies want it alive, but they would control/own it.
Lots of friends want it pink.
Lots of friends want it orange.
Lots of friends want it green.
Lots of friends want it red.
Lots of friends want it tall.
Lots of friends want it wide.
… and the list goes on. :rofl:

1 Like

I want it purple! :enos_flag: :laughing:

2 Likes

Who really cares about Red Hat. I could never understand why so called corporate uses felt comfortable using Red Hat over others. We have endeavourOS which is a better alternative then Red Hat. If I was head of an IT dept. I would use either Debian or an Arch based distro. We have SysAdmins to help with OS problems and solutions. In the worse case Fedora could just spin off itself to be completely independent of Red Hat.

1 Like

Because it has 10 years of support and if officially supported by many 3rd party commercial software packages. As a server, it has a lot going for it in an enterprise environment.

3 Likes

If one has qualified SysAdmin’s then does one need 10yrs. of paid support for out-dated software? Is 3rd party commercial software really any better then GPL software? As a server there better Linux distros then Red Hat. Why not pick the distro that really fits ones needs rather then just dropping in Red Hat as a so-called 'safe solution for expensive support that one does not really need.

1 Like

Eh? It depends what you are supporting. If it is a modern application hosted in kubernetes or something than, sure, that is true.

For legacy applications, an OS upgrade might cost you 10s of thousands of man hours or more. Every situation is different.

If it takes you 18 months of planning and execution to complete a platform upgrade, you don’t want to do it every 3 years.

There are really only four material players in the server distro market. RH, Suse, Ubuntu and Debian. However, debian only has 3 years of support and limited commercial support which can often eliminate depending on corporate policies.

In many cases, yes. Substantially better.

In a large enterprise you don’t want to be a situation where you are supporting diverse platforms so you often make a decision that best supports all your needs which often include long-term support.

1 Like

it actually has 5 years of free support:
https://wiki.debian.org/LTS

Debian Long Term Support (LTS) is a project to extend the lifetime of all Debian stable releases to (at least) 5 years.

and can actually be prolonged to 10 years through payments:
https://wiki.debian.org/LTS/Extended

Extended Long Term Support (ELTS) is a commercial offering to further extend the lifetime of Debian releases to 10 years (i.e. 5 supplementary years after the 5 years offered by the LTS project).

I am pretty sure Debian ELTS is cheaper then Red Hat, especially because you don’t need to pay for the first 5 years.

It only has 3 years of official support from Debian, the additional 2 years are provided y another organization. That response was in the context of an enterprise scenario. It would depend on the specific policies of the enterprise and the decision makers at the time if they would factor those additional 2 years of support or not.

Since this is provided by yet a 3rtd organization, it will fall into the same caveats as above.

I think the point is that up until a couple of weeks ago, you could get all 10 years for free.

its the same organization, just another team inside it.

We currently are in the final steps of clearing the path for the switch to Debian and we are going to utilize LTS, but not the ELTS because we see it as a big chance for us to have a new OS every 4-5 years instead of every 9-10 years.