cross-posted from: https://feddit.org/post/4415864

The petitioner calls for the European Union to actively develop and implement a Linux-based operating system, termed ‘EU-Linux’, across public administrations in all EU Member States.

This initiative aims to reduce dependency on Microsoft products, ensuring compliance with the General Data Protection Regulation (GDPR), and promoting transparency, sustainability, and digital sovereignty within the EU.

The petitioner emphasizes the importance of using open-source alternatives to Microsoft 365, such as LibreOffice and Nextcloud, and suggests the adoption of the E/OS mobile operating system for government devices. The petitioner also highlights the potential for job creation in the IT sector through this initiative.

[Edit typo.]

  • thingsiplay@beehaw.org
    link
    fedilink
    arrow-up
    19
    ·
    21 hours ago

    But then the government is dependent on this private company again. The idea of an own operating system distribution is, to have the control and not being dependent (as far as a company goes). So its not odd at all. In fact, I am shocked that most governments in the world don’t have their own distribution. It just makes sense.

    That also means a specific distribution to learn and count on across all governmental institution across all parts. They can integrate any feature, application and configure it for the EU in a government. Is there such a distribution that exists doing exactly that? Probably not. And creating a distribution does not mean they develop everything from scratch, so its not like impossible to workout.

    If private companies like Steam can do it, then a government should be able too.

    • AGuyAcrossTheInternet@fedia.io
      link
      fedilink
      arrow-up
      6
      ·
      19 hours ago

      To make your own distro, you will need two key things: a budget and people. Given how cutting budgets is also a thing with many government things, you run into danger of lesser maintenance standards of the distro as time progresses. Be it important as it may, the institutions will have to shell out money to make and support a standardized system. Using a mainstream or larger existing distro that also covers enterprise use cases can at least offset some of these troubles. Being able to and actually making it a reality are two different things, sadly.

    • millie@beehaw.org
      link
      fedilink
      English
      arrow-up
      4
      ·
      19 hours ago

      It also means the entirety of the EU’s governments would be susceptible to the same vulnerabilities and bugs, and would share the same dependencies. Given recent issues with bad actors taking control of small but essential repos, this seems like a potentially dangerous security flaw.

      • IrritableOcelot@beehaw.org
        link
        fedilink
        arrow-up
        3
        ·
        14 hours ago

        I mean yes, but currently they’re all dependent on Windows, so its less of centralizing OSes, and more changing what its centralized on.

        • millie@beehaw.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          13 hours ago

          Okay, but when’s the last time someone created a security vulnerability by sneakily taking over a Windows dependency controlled by a single developer after pressuring them into handing the keys over with a bunch of sockpuppets?

            • millie@beehaw.org
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              11 hours ago

              It’s not, though. It’s a much wider potential for failure, as there are a great number of dependencies that are often left to individual developers to maintain. That may be a somewhat reasonable amount of risk when you’ve got multiple options for dependencies and no major target, but when the entire EU relies on single individual maintainers? That’s a massively exploitable threat vector. It would be absurd to assume no one will take advantage given what we’ve already seen.

              It would be an extremely foolish move to put the whole EU’s security on one single set of open source dependencies. Microsoft at least has a financial and legal incentive to try to prevent straight up breaches by state actors, shitty as they may be. There’s no such resource allocation or responsibility when it comes to open source repos.

              Push a switch to Linux, by all means, but security monoculture is as big a mistake as putting your eggs in any other single basket, especially one as exposed as one single distro.

      • Appoxo@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        1
        ·
        12 hours ago

        They are already interconnect at various points.
        Schools are connected to university networks, university networks to loval government intranets and those are again probably at some point connected to the federal network.
        I don’t wanna guess where else they have connections to like the police or legislative network.

        • millie@beehaw.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 hours ago

          There’s a world of difference between interconnectedness and an enforced monoculture of dependencies on a wide range of insecure repos maintained by hobbyists.

    • Handles@leminal.space
      link
      fedilink
      English
      arrow-up
      3
      ·
      19 hours ago

      Um, yes. It is odd, and you get some things ass backward:

      But then the government is dependent on this private company again

      To my knowledge Linux is community driven. I can only assume that’s Murena and /e/OS you’re talking about, then? In which case, that was my point.

      I am shocked that most governments in the world don’t have their own distribution. It just makes sense.

      Yeah, makes sense to North Korea, too. I’m not sure they’re an example to follow, though.

      To be clear, nation states controlling the tools that their employees and, potentially, wider population communicate and access information is a dystopian vision, and I cannot agree with that point at all.

      • The_Sasswagon@beehaw.org
        link
        fedilink
        arrow-up
        4
        ·
        15 hours ago

        To be clear, the EU developing an operating system for EU use is not a dystopian vision without assuming many things about the theoretical future project. The petition is asking for this for transparency and independence from an actual dystopian vision coming to fruition in a ‘forced’ Windows standard. That doesn’t really lead me to imagine a dystopian nightmare where the EU forces everyone to install their distro (A potentially comical vision on its own).

        I rather like the idea that governments contribute to open source projects, sounds a lot better than the same contribution going to private institutions. The use of open source software may introduce some vulnerabilities, but those are replacing vulnerabilities that are already there. I would also imagine investment in some open source projects would encourage more development in adjacent areas, much like Valve, Proton, and gaming.

        I would be interested to hear what alternative you have to solving the problems that the project in this petition is attempting to solve. It’s easy to shoot down something for not being perfect but it’s pretty challenging to come up with a theoretical proposal that pleases all.

      • P03 Locke@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        6
        ·
        18 hours ago

        Yeah, makes sense to North Korea, too. I’m not sure they’re an example to follow, though.

        To be clear, nation states controlling the tools that their employees and, potentially, wider population communicate and access information is a dystopian vision, and I cannot agree with that point at all.

        Wow, what a way to take the most extreme POV possible on an issue.