[Replicant] is replicant 6 insecure? does google update android 6?
Denis 'GNUtoo' Carikli
GNUtoo at cyberdimension.org
Wed Apr 1 00:06:00 UTC 2020
On Tue, 31 Mar 2020 08:45:03 -0400
John Sullivan <john at wjsullivan.net> wrote:
> Informing people is always important, but please let's not exaggerate
> the issue. Replicant very clearly shows dedication to its principles
> over popularity.
I think it could help if I give a bit more details on my thought
process here.
I think it's up to the people to know how important the Replicant
limitations are for them. I don't live their lives, so I can't decide
that for them.
So instead I try to inform people of what could potentially be
problematic for them. I assume that they know way better than me what
is important for them and what is not.
As for security in general I find it more and more disturbing that
"security" assumes a threat model that is relative to the industry
needs.
For instance what is deemed a "security issue" and got a CVE and is
unfixable might even be good for free software in some cases.
In addition to that, it also depends on the live of people. For some
people having their location made public can result in them being
killed. For other having their sexual orientation be made public can
also result in them being killed. Threat models can vary a lot
depending on the people lives.
Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20200401/32bd80b6/attachment-0001.asc>
More information about the Replicant
mailing list