Hello,
but let's assume you would run a perfect hardware and a nice engineered QOS,
but the Distro Red Had / Fedora will probably delivers certain kind of
Kernel-Moduls to deliver Backdoors, so I would assume the trust /
security-chain is gone?
Or let's assume the download of QOS will be forbidden inside Europe (because it
is not on the Distro-shortlist), than QOS will disapear more and more, only
criminals don't care and there will be no reason, why they will follow this new
kind of Short-List-Distro-Law.
I would appreciate the a clean trust and security chain E2E for QubesOS. And
this would imply Hardware Security, as well an etical clean supply chain. Or
why should deliver the organization X in one channel some backdoors and for the
other channel everything is trusted.
IT is famous for it's very weak ethical thinking, sorry.
The modern tool to adress the E2E ethical supply chain, is the ISO 26 000.
The idea behind is to find a global ethical (minimal) standard, after Kant's
categorical imperative (or simpified as the Golden Rule):
Do not impose on others what you do not wish for yourself.
So ISO 26 000 is just common sense and is also adaptable to the sustainable
goal of a secure Linux, I think.
http://www.ecologia.org/isosr/ISO26000Handbook.pdf
Kind Regards
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/b857cb3d-9dd1-437f-92c1-640cacff474d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
