-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2018-06-06 13:28, Yuraeitha wrote:
> I'm sorry, I know changing will cause a lot of issues for the Qubes
> project, but honestly, I can not but completely agree with others
> that even "considering" giving Microsoft yet another chance out of
> the many thusands of chances that they betrayed, and the benefit of
> the doubt of the damage they may or may not cause, is a long sailed
> and concluded ship, almost so much that the conclusion is hard to see
> because no one is doing anything about the corruption, abuse and lack
> of trustworthiness Microsoft harbors. Microsoft is nothing but
> anti-trust, anti-democracy, anti-freedom, manipulative and corrupt if
> they can get away with it to reach their own goals, greedy and cares
> little, if any at all, about customers if they can earn a single dime
> extra.
>
> I do not mean to take you hostage on this matter, I trust the Qubes
> staff, but sticking with Microsoft like this will be a dent in that
> trust, an inked mark on white texture that cannot easily be rubbed
> off once it gets spilled. You must be careful with people's emotions
> here, because this one has a lot of angry and irritated people that
> hate Microsoft for their wrong-doing, which can easily be transmitted
> to other people who line-up / give their trust in Microsoft.
>
> In short, Qubes staff giving their trust in Microsoft, means it can
> easily damage the trust in the Qubes staff.
We are not "giving our trust" to Microsoft. For the most part, GitHub is
part of the untrusted infrastructure [1], and we are actively
investigating ways to make it fully distrusted [2].
[1]
https://www.qubes-os.org/faq/#what-does-it-mean-to-distrust-the-infrastructure
[2]
https://github.com/QubesOS/qubes-issues/issues/3958
> It may be better you follow the flow of peoples emotions, because
> this is much, much bigger than any logic can calm down, and even
> trying to calm it with logic will be hard at this point given the
> long proven shady history of businesses like Microsoft.
Allowing emotion to overtake reason may temporarily win over those who
are ruled by their emotions, but it would alienate the calm, rational
observers who witness such folly, harming the project in the long term.
We must weigh the costs and the risks, as with anything else. If it
turns out that GitHub cannot deliver the services we need as a community
and a project without requiring us to trust them to an unacceptable
degree, we will likely move. However, this entails careful consideration
of the trade-offs between cost and risk, as well as technical
considerations about feasible ways to distrust various services GitHub
provides.
> Whether Microsoft won't destroy or semi-destroy GitHub or not, please
> do not underestimate peoples emotions to Microsoft, and the
> distinction between anxiety and real fear.
>
> I know it might not be possible to switch to another platform, but
> please at least be open-minded about the possibility. At least this
> much will give us good faith and calm our nerves. The whole "we won't
> move, too much trouble" thing, will simply just poke the balloon with
> a lot of negative emotions that has nothing to do with Qubes, but
> suddenly gets tied and connected to Qubes. The more negative
> emotions, and in the larger quantity, the more dangerous it becomes.
As long as I have any say in the matter, we will always be open-minded
about all possibilities. ;)
> Also a thought, what would it cost for Qubes to have their own Git
> servers? Is this something that could potentially work through the
> same or separate donation system?
The main cost would be the time required to administer the servers.
Since it would most likely be Marek administering them, this time would
directly subtract from core development.
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlsYu2EACgkQ203TvDlQ
MDCjCg/9EIWH17ZKhgKbp/ox2/zQc1k6ZhjdWzgWEuxYmQHm4N8T2w+wsHsLEVRM
YpX3sWzlAtVodsygBgnt1UsksAs79MVeywUd9eZCDyLyi0BNufJ5DgZEXOeCWEDt
BfgT/gLUjUZinHasvCFEjQ+lgujWJGm9nRGQ1azpY4MbVDipYj71jKHu5bkQRC3y
pNc8lZExXSfAwfa0DLc3xMSw2FbaKwwZKDg5y3pgpOAZ7fnZFV5RbHFuWG7WSK26
xjzl+f+lbsJRa1lXLaK+WLf8ryXkESXATNnpnBqfv67bCZnUZi8z2MIVJqZeKc5Q
AATD3Sva4Bs/u1Ag0DsWNRdFPSeMTYOQfQsmZ8K6E/8lAJ9YYOHjdNwHhEQNwj2S
PBb0zcOLtUFrHWKvcIP9oJ+5KDfqk4ZOseMq/SNmxZQy7Yd9Vsn/c/MEeyGKmtLw
mNcS5g3okQVq+zFaNrLQrR8yY0o2UP89YZtWLwc8jSeyf0ItmtplUb6Y6fU5I3bK
2ZTroUH7q+QX5s5l4MD62Mso++dCTApxySvmENWc7lvs6U5s99is0hf/BCHAY31Q
KwT0LF6iaskdlvbCM0dKTU/aT4NuXj1GHUjgciToCNDqAaVB78Nu0X4J+iy65LGI
jCMyepX3FXENVj/In97CGFinRcJ1iPnkm9gp0dwX38NTN/p8A0w=
=28sn
-----END PGP SIGNATURE-----