>>>>> On Thu, 02 Apr 2020, Rich Freeman wrote:

> I guess we could stick an einfo in the post-install messages,

Not sure if that's necessary. Zoom is a proprietary, closed-source,
fetch-restricted package, so users should know that they cannot expect
the same level of quality as for free software. (In the default
configuration, it is license-masked, so users must explicitly unmask
it before installation.)

> but if you're joining a zoom meeting are you going to be any more
> secure if you manually install the files instead? I can't imagine that
> people are going to stop attending meetings just because they picked
> the wrong software to host them. Plus a few of those concerns apply to
> MANY packages - such as a lack of end-to-end encryption, or ever
> having had a zero day.

> I'm not intending to endorse Zoom here, but Gentoo isn't really
> intended as a purist distro that will never include a package if it is
> associated with a service that might collect user data and so on.  In
> fact, we have many packages with these associations.  Ultimately users
> can decide what they want to run, and we're just providing the files
> in the most convenient and secure manner possible.  For example, when
> the zero day is fixed if you're using Gentoo you'll benefit from our
> security policy, while you would not if you had just manually
> installed some files/etc...



Attachment: signature.asc
Description: PGP signature

Reply via email to