-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

pixel fairy:
> On Tuesday, October 1, 2013 at 6:32:41 PM UTC-7, ears...@gmail.com
> wrote:
>> We all know Fedora is a big name, but is it a good choice for a
>> Security Driven OS like QubeOS to be based around? What do others
>> here think?
> 
> There are a lot of packages creating a bigger attack surface. but,
> bigger distros like fedora have companies behind them like red hat.
> red hat has been pretty good about actively looking for
> vulnerabilities in those packages. distros that automatically
> upgrade to the latest version (gentoo etc) can also burn you. they
> would make better template vms where your more likely to want newer
> software and new issues can be better contained.
> 
> for dom0, newer distros are better at hardware compatibility with
> those fancy new processors, graphics cards and storage controllers
> in laptops.
> 
> just personal opinion, but wayland is a better fit than x11 for
> qubes in the long run. fedora is the only distro with a dedicated
> security staff actively supporting it.
> 
> anytime you abstract a layer, your diluting your resources.
> maintaining a dom0 isnt much more work than a domu template, but if
> you want to add slackware, arch, and gentoo, youve now more than
> doubled the developers distro maintanance work when they could be
> working on stability and features.

Potentially worth noting here that in Ed Snowden's keynote at
Libreplanet 2016, he criticized the free software community's tendency
to use stable, outdated software.  Snowden said that the attackers
move and adapt quickly, and it's dangerous to continue using outdated
software that doesn't have the latest security fixes/features just
because it's more stable or more backward-compatible.  Snowden did not
explicitly mention any distros that he was talking about, but I got
the distinct impression that he was (at least in part) talking about
Debian.

Of course, "appeal to authority" is a classic fallacy, so we shouldn't
do what Snowden says without questioning it, but I think it's at least
worth considering his argument seriously.

Cheers,
- -Jeremy
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYaTeQAAoJELPy0WV4bWVwbNgP+QG3jY+xlwsTnViOS+IFEHMP
Nyt+d9Cuq7iEnCsr1fuXbzjSNB8RDM0y2BY6rciELmo4kvyfsGoPYZod7nOlQPeV
xjgjubrlA3udMxSCsc5lc2DbP4IszehJECYGbZw4gaFabScs6ugt0P9gxKaiTIWR
pa9bAaSzJffZsJg9/efUJuo134Mdd8QBssKEC6idWCiEuM8YWHZI9xKfvhTjRrqj
g233nSNbvctg0yoUQbf2XHZ6gyGZ2p0Y1ab8o0o0MFVsuQIuPCKlWgr/WhjgdWDY
Ye4TCYZhonuLHRCiOt+ZuS2w8nj24O0qFvXra+asXAaW2mFzQa/Aq3CdLBE87nXE
z3dgNp2Z08dWi28ncbCwvn8mpw0w07yl1n6+2JlBC4pDTF2/r6BMgsp4DIS9sFDB
h+mFWCnqh80P/39SQeOoOcHATruMfHp8CUDVtOMVBRV4VpoA7YaKxiiiUXFnD21M
S6XP7QqxPkbPW0E77UeR53igB61QQ1t3Fb4QQRLZY1bhncKn3kM/OmUDnHzepLQn
0/FLW/aJMBofOHeb6xqrfipeayGrdHLNuav9Nu1QRuX2lY6E0Sl40VZBwRERxfaW
t+Ck3n4Qw2Gru13zXPhHuE8OpTV3/RgkMzNMnADxfArhSIW2zwoYQvNCn8U/LNaq
P2HMZA0yehx6CZnBmdb/
=RC2L
-----END PGP SIGNATURE-----

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/52d5d96c-c021-9673-27c5-1999e8541961%40airmail.cc.
For more options, visit https://groups.google.com/d/optout.

Reply via email to