I’m thinking that software like Signal, Bitwarden, Firefox and RHEL is more likely to be pushed (by unconventional methods) to introduce backdoors under Trump 2.0. Less complex software that is developed by an international community is of course less suseptible.
What do you think? Will the risk be higher during Trump 2.0 or is the FOSS community diverse and international enough? Am I just paranoid and irrational?
Closed source software and cloud is of course a no brainer since always. But clompex FOSS with centralized development and hosting pretty much suffers from the same problem.
Ditching the Linux kernel is probably a good idea. Or at least run your own fork. Which I expect that many state actors and large companies already do. Also, I suspect that we’ll see more large public kernel forks sooner rather than later. Even sooner if Linus retires.
To be honest, I don’t care that much for myself. Guess I wasn’t completely honest in OP. I’m just a nobody who gladly exposes his soft parts in exchange for cheap and easy access cat videos and general dopamine. Rather I’m thinking about what strategies policy makers, companies, NGOs and the general public should consider, as we crash into even more exciting times.
It’s certainly not. There are so many actors with opposing agendas that are motivated to keep it secure that its incredibly difficult to slip something through.
If you’re going to attack Linux, you won’t attack the kernel, but instead you’d go for some obscure component that most distros use but is only maintained by one or two people (e.g. xz).
If you abandon Linux, you’re likely going to have more vulnerabilities. Security through obscurity is no security at all.