cross-posted from: https://feddit.org/post/4415864
The petitioner calls for the European Union to actively develop and implement a Linux-based operating system, termed ‘EU-Linux’, across public administrations in all EU Member States.
This initiative aims to reduce dependency on Microsoft products, ensuring compliance with the General Data Protection Regulation (GDPR), and promoting transparency, sustainability, and digital sovereignty within the EU.
The petitioner emphasizes the importance of using open-source alternatives to Microsoft 365, such as LibreOffice and Nextcloud, and suggests the adoption of the E/OS mobile operating system for government devices. The petitioner also highlights the potential for job creation in the IT sector through this initiative.
[Edit typo.]
It also means the entirety of the EU’s governments would be susceptible to the same vulnerabilities and bugs, and would share the same dependencies. Given recent issues with bad actors taking control of small but essential repos, this seems like a potentially dangerous security flaw.
They are already interconnect at various points.
Schools are connected to university networks, university networks to loval government intranets and those are again probably at some point connected to the federal network.
I don’t wanna guess where else they have connections to like the police or legislative network.
There’s a world of difference between interconnectedness and an enforced monoculture of dependencies on a wide range of insecure repos maintained by hobbyists.
I mean yes, but currently they’re all dependent on Windows, so its less of centralizing OSes, and more changing what its centralized on.
Okay, but when’s the last time someone created a security vulnerability by sneakily taking over a Windows dependency controlled by a single developer after pressuring them into handing the keys over with a bunch of sockpuppets?
Sure the threat model is different, I’m just saying it’s still a single point of failure.