If an untrusted user is sitting at the console of a sudoer account, armed with its password, all is lost and any security has effectively been defeated already. While I do understand the concern it seems like something of a moot point.

As far as I’m concerned, open-source has no nationality, even for a public-sector project. Yes, Red Hat is American. They also don’t own Fedora.

From the very start, we’ve been built on the contributions of people from every corner of the globe, why should we care about petty geographical squabbles like this?

Killing Flash was worth it, but couldn’t we have avoided its reign of tyranny if we’d just stuck with Java applets in the first place…?

As someone who can find a billion XML parser libraries and, like, three HTML parser libraries, you do have my gratitude if it’s worth anything.

It’s not like it’s a proprietary blob. No one is stupid enough to accept a proprietary security blob from Microsoft.

Moreover, if you click through to the article, you see that this module entirely concerns eBPF, which is essentially unused outside of corporate servers (and Android phones) in the first place and is therefore barely our business to begin with.

Okay, I’m not a fan of this either but let’s not get too worried about this. Everyone’s known Ubuntu is a joke for a long time and they don’t really have much influence on even several of their downstreams, let alone the rest of the ecosystem.