[no hat] On 31 Oct 2022, at 10:14, Alessandro Vesely wrote:
What software would you use, a fully certified, professional OS, or a run-at-your-risk product by hobbyists who are exempted from security regulations by a compassionate exception to the Cyber Resilience Act?
I don't understand what the point of this (perhaps rhetorical) question is. In a former day-job, I've had to deal with a "professional" Linux distro, whose provider was so risk-averse, and who operated such an ossified acceptance process for integrating upstream FOSS packages, that the distro was operationally unfit for purpose unless I chose to do without the "protection" supposedly provided by the "professional" packaging. I also know some hobbyists whom I would trust with my personal physical safety, or even my life. The only thing one can be sure of with certification is that the holder of a certificate managed to pass the test. https://dilbert.com/strip/2000-08-31 Best regards, Niall