[Mageia-discuss] beta2 woes and no graphical root (tonyb)

Thu Apr 12 16:05:23 CEST 2012

TJ <andrewsfarm at ...> writes:
+
+> 
+> On 04/11/2012 01:27 PM, Wolfgang Bornath wrote:
+> > 2012/4/11 Anne Wilson<annew at ...>:
+> >>
+> >> On 10/04/12 20:53, Renaud (Ron) Olgiati wrote:
+> >>> On Tuesday 10 Apr 2012 10:57 my mailbox was graced by a message
+> >>> from Anne Wilson who wrote:
+> >>>> True indeed, but if someone wants to commit suicide we do have a
+> >>>> moral duty not to supply the gun and teach him how to load it.
+> >>>
+> >>> We may have a duty to point out to him that we think his idea is
+> >>> not good, but if he is decided, our duty then is to help him,
+> >>> including acting as kaishakunin if he asks us to.
+> >>>
+> >> Your idea of moral duty is obviously different from mine.  I doubt if
+> >> the law would see it your way either.
+> >>
+> >
+> > Depends on what you see in Mageia. Is Mageia a mere provider of a
+> > technical system who does not care further than uploading the
+> > software? If so we don't need to discuss questions, we don't need to
+> > give warnings about anything, etc. Or do we have a sense of moral duty
+> > which goes beyond that? I am happy to see the decision of Mageia
+> > showing that they care.
+> >
+> Whether I agree with the results or not, I get annoyed when people 
+> presume to do my risk assessments for me. I would rather do it myself in 
+> most cases. And this is one of those cases.
+> 
+> TJ
+> 
+I didn't see any agreement, rebuttal, or acknowledgment of my suggestion that
+"there are consequences from "user's choice" resulting in a machine distributing
+spam, bots, malware, including damage to the reputation/adoption of FOSS, that
+reach beyond the demise of one individual"
+
+You have given this a lot of thought.  Perhaps you could answer.  To put it
+another way, if a user of a networked machine performs a risk assessment that
+leads him to conclude it's safe to open an email attachment, for example, and
+
+1. his machine has not been configured to prevent the deployment of the malware
+embedded in that attachment,
+2. his networked machine proceeds to distribute the effects of that malware
+across the internet,
+3. many thousands of machines are exposed to/infected with this unwanted
+software and/or more tangentially compromised by such consequences of
+administrative privileges exposed to the internet as spam or DDOS, e.g.
+
+is there not more than just bad outcomes for the bad choices of the,
+notwithstanding, annoyed, however, mistaken risk assessor?
+
+Sure, my example sounds exactly like a description of the environment created by
+Microsoft, who, apparently, did not anticipate all the consequences of writing
+software such that it is more easy to run.  Sure, Linux is not Windows (and I'd
+like to see it stay that way).  Sure, Linux is touted as more secure than
+Windows and does not, yet, have such a horrific history of waste and
+destruction.  However, there are vulnerabilities in Linux that are continuously
+being patched and, should Linux come to be run on a more significant percentage
+of machines, the number of eyes of ne'er-do-wells scrutinizing those
+vulnerabilities will, most likely, increase.
+
+Are the parallels not clear to anyone else?  Are you suggesting I should be
+comfortable to trust the risk assessment of each and every user who would eschew
+the wisdom of Unix-->Minix-->Linux developers and employ risky policy?  I am
+not.  Do you believe that what happens on one machine has no potential effect on
+any of the other connected machines, so Linux should be made to be whatever any
+consumer of FOSS might like?  I do not.   To sum, again, Linux is not merely a
+matter of an individual's choice.  
+Rolf
+
+