Every organization is different but this statement would be enough for some organizations to not consider it official support:
Debian LTS is not handled by the Debian Security team, but by a separate group of volunteers and companies interested in making it a success.
I personally would be cautious of considering it more than 3 years of official support as it relates to using it in an enterprise setting.
Especially since in a large enterprise setting, you need to consider shifting leadership. If there is a huge investment to switch across 5,000+ servers and you are banking on 5 years internally and then you get a new security officer or senior executive who decides that since the extra 2 years are not provided by debian security team you need to switch sooner, you could put yourself in a bad spot in a large enterprise.
In a smaller organization, it is likely that the stakes are lower and the chances of that happening are also lower so it is a different decision. I wasn’t trying to influence the decision one way or the other, just sharing my perspective as a former security officer.
Where is overthere? They have a half dozen forums so I never knew which one to go to. It’s very confusing how they have it setup. Or maybe pm me a link or two? It’s disappointing for sure.
In FOSS, code is a product and also the developer’s property
Licensing is protecting the freedom of the code.
You can use published code, as far its License approves
If there is no published License, the code cannot be used/shared.
Apply Code Licensing to User’s Collected Data
In the case of a distro that collects user data, they need user approval, but how many choices do they offer to the users, in comparison to the well known Licenses? (yes/no)
It gets very complicated, so I speed up to my personal conclusion:
Any user data collected by a distribution, can only be used under the same License on which they provide the rest of their software. Publish like OSS code.
I hear the immediate question:
How can user data be published in the open, so anyone can see?
The answer is simple, and similar as when you ask “which words are bad?” (those that a child shouldn’t hear)
If publishing user data in the open, produces embarrassment to the users that own the data, then they selected the wrong set, type, and/or format of that data.
There might be another question:
Why would a distro collect user data, and share them with their competition?
Tell that to the distro managers/staff that are supposed to manage Free Open Source Software.
There is nothing to hide from competitors, when everything is published.
There goes this post’s opening statement.
They are arguing over something that is not theirs, as if they are the owners.
yeah, if you have to rely on a company to offer you a product, Debian is the wrong way to go.
We do not want any OS provided by or linked to a company any more. We trust in the long track record that Debian has as a purely community based distribution. They have a decades long history of being independent and being able to provide a rock solid distribution. And with that, we do not care which part of the community provides the LTS support - and no change of team leads will change that, we are not structured that way. Also, we only have hundreds of machines, not thousands.
Any company can go the way Red Hat is currently going - SuSe was already owned by several companies and has lost a big part of it’s community with some of those owner changes (the company I work for actually used SuSe long before I worked there and jumped ship to RHEL with CentOS with CentOS 4 or 5)
Canonical also has made some unpopular changes in the last years, and our Tech department also does not like that they heavily use snaps even in the server version.
I have no say in the decision the company I work for takes, but I am one of the stakeholders that can share their opinion on the matter. And my opinion is clear. For us and our use cases, the best way forward is Debian. The other stake holders either have no opinion and want to use whatever the Tech department provides or share my opinion.
As an update, the proposal is being rewritten/revised and one of the changes is to move from an opt-out model to a opt-in model with a forced choice. Something like choosing between two buttons share or don’t share.
I know nothing is set in stone, and that’s fine for right now, communication and proper discussion is crucial, but it’s already making me start to consider switching from Fedora 38 back to Arch if this proposal goes through in a way I wouldn’t approve of myself. I don’t want to knee jerk anything, but this whole situation leaves a really bad taste for me.
Totally unrelated, I wonder when the next EndeavourOS iso release is…
OpenELA has been announced as the Open Enterprise Linux Association that brings together CIQ (Rocky Linux), Oracle, and SUSE for collaborating around RHEL-compatible Linux distributions.
This is bad news for Gnome in particular. The Register seems to suggest this is because the users of RHEL Workstations prefer using Macs to Fedora desktops or laptops for productivity tasks. As such, the projects that Nocera was previously working on are not priorities for RHEL customers unlikely to be monetisable.
you used to be with Solus, as did I. When Solus disappeared I went to Fedora 37 thru 38–like you said elsewhere in the thread: it works. It was easy, nothing ever really challenged me, and I liked the stability. All to say I joined their forum for a while. The unofficial forum. A good deal of Fedora users there think Red Hat is will within their rights and they support the decisions. Many also consider Fedora independent of RH and subsequently unaffected. These are long-timers with rose-colored glasses, or they know something we don’t know.
Fedora is comprised of more Committees and Boards and decision-making structures than I’ve ever seen, so the wheels turn different there.
(When Solus came back under competent leadership recently and re-stabilized the OS, I came back to it, and unhitched Fedora. Until I found Endeavour…the Arch experience is like ‘where have you been’)
I’m a little late to the party, but I felt I like I wanted to discuss that exact topic and seeing as such discussion already exists I figured I’ll share some of my thoughts
In regards to the Original Topic, I believe that absolutely Fedora will be affected by any and all of Red Hat’s decisions and their current trajectory for the future.
As others have already pointed to issues like:
Telemetry:
Having read the fedora discussion I find Catanzaro’s general attitude in that conversation completely hypocritical and very telling of RHs power involvement…
He abandoned his original “ultimatum” of “opt-out or none at all”
This is to ensure the system is opt-out, not opt-in. This is essential because we know that opt-in metrics are not very useful. Few users would opt in, and these users would not be representative of Fedora users as a whole. We are not interested in opt-in metrics.
after seeing it was never going to get approved by FESCo:
This leads me to believe there absolutely is pressure (not just initiative) from “above” (RH/IBM) for a telemetry system to make it into Fedora.
From day 1 of the system proposition, any and all discussion around legal (mainly GDPR) issues was aggressively discouraged. I understand that Red Hat has a legal team, but that doesn’t mean I should trust it. Similar to how I don’t trust that their new take on the GPL (removing the freedom of distribution) is legal. Of course we may never know if the case never reaches the courtroom.
I don’t think it’s very reasonable to claim that the suggested-action style class is a “dark pattern,” but for anyone who feels it is, then yes, there would be a dark pattern.
For anyone (especially developer), his descriptions are both reasonably and unquestionably a “dark-pattern”. It’s not up for discussion.
He does not persuade me in regards to the “usefulness” of the data-driven development when the implementation of one of the most data-driven features Gnome lacks (app indicator / tray) is completely stale even after ngompa appears to have pushed an “ultimatum” for the introduction of that feature in Gnome 45 (https://pagure.io/fedora-workstation/issue/264#comment-845383).
That’s not to say the survey was not interesting. E.g. maybe we should be prioritizing shell extensions more since they’re evidently very interesting to our most motivated users.
)
How is someone ignoring what the data suggests needs to be prioritized supposed to persuade me that data is needed to drive development resources???
I have not looked into it (yet), but it makes me wonder if the delay of DNF5 to F41 has been a result of similar issues.
Monopilization of FESCo:
My views on this are pretty much exactly what a user (linked) has already worded nicely in the discussion:
AFAIK, 9/10 of the FESCo members and 6/7 of the Council members are Hatters. I agree that this shouldn’t be characterized as a RH decision, because Fedora is a community project with its own governing bodies. However, it is worth recognizing that these bodies are dominated by Red Hat employees, even if their job isn’t to speak for Red Hat.
Who in their right mind would trust Oracle over Red Hat (even in its current controversial state) when it comes to FOSS and “openness”??
The first headlines I saw were suggesting there will be an initiative from openSUSE (alone) and I had some hopes (even though it still sounded like a situational, opportunistic money-grab).
But partnering with Oracle in an effort to persuade anyone with an interest in Enterprise Linux that Red Hat is anti-FOSS and present themselves as “more open”, sounds extremely stupid to anyone not either extremely naive or completely ignorant of Oracle’s history…
As a matter of fact it sounds way more like, essentially, Oracle offering a support contract to openSUSE and CIQ.
( Red Hat, IBM, … )
) , 
5 Brigade and ISAF etc… }
