Ventoy is a tool to make a USB with multiple ISOs bootable, letting you select which ISO to use on boot. Another newly-created account claims to be the dev’s friend and translator and has received no contact from the maintainer.

  • BCsven@lemmy.ca
    link
    fedilink
    arrow-up
    5
    ·
    2 months ago

    if you search Chinese Police Canada (or USA) there are tons of articles that are way more in depth, and describe encounters, etc.

    I added that link so people don’t think I’m making it up when my friends house is getting door knocked by two CCP police.

    It does not directly relate to Ventoy, it relates to why I would not trust a chinese product as we have first hand witness here in Canada of CCP harassing residents or forcing them back to china. There is that much control, even when they don’t live in China, that if CCP wanted to have widespread spying they would just pick a dev with family in the mainland.

    • electric_nan@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      2 months ago

      Your phone, computer, TV, and various other electronics in your house were not made in China? You believe that your own country or mine cannot secretly compel backdoors?

      • BCsven@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        2 months ago

        I realize that this era makes it difficult, but that is why I would be cautious in projects, like Rustdesk dev was obfuscating the chinese location, and blobs, so I have removed that. My phone runs GrapheneOS so things are sandboxed, my home electronics are either totally blocked from web access, or certain IPs restricted. And of course Canada US would try to compel, but we have more transparency here than CCP shinanigens. I’m just saying, everyone blindy installing Ventoy that has more blobs than source code, and possible mainland connection should not be

        • Aatube@kbin.melroy.orgOP
          link
          fedilink
          arrow-up
          5
          ·
          2 months ago

          Ventoy does not have more blobs than source code. The 3 blob folders—which constitute ~1MB out of ~16MB—are properly labeled with reproducible build instructions… for now. The 4 months’ silence and impersonation without opposition are suspicious. That said, I think it’s still safe to use your existing installations.

      • ArcaneSlime@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        2 months ago

        My car was Hecho en Mexico so long ago they didn’t know cars could even connect to anything other than OBD2, phone was wiped for graphene, and my light switches don’t have proprietary blobs that can phone home, they have screws and wires and absolutely no (internet) connectivity. Hell even my computer is Taiwanese, and runs Fedora anyway, though I am already bitching about Intel ME and AMD PSP.

        Honestly, the concern around privacy is nothing new for lemmy, the only problem is that instead of worrying about corporate or US GOV spying in this case the worry is the CCP, and that’s bad because criticising anyone but “western propagandists блять” is a no-no here.

        • electric_nan@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          You’re quite the outlier, so congrats on that. I’m pretty privacy conscious myself, so I understand that part of the attitude. What drives me crazy is the irrationality of people making hysterical claims about China that at least as accurately describe their own country.

          • ArcaneSlime@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            1
            ·
            2 months ago

            The claims are neither irrational nor hysterical, they’re totally grounded and based in reality, and we should be just as suspicious of them as we are of The West™®©. What’s more, being critical of china in a context where it’s relevant while not mentioning The West™®© doesn’t mean you never criticise anyone other than China and Russia, it means the current conversation is regarding China. If this were a story of an American dev being sketchy and including proprietary blobs, me and you, probably would be in here wondering if the NSA or CIA is involved rather than saying “but the CCP.” I remain critical of proprietary software regardless of it’s origin.

            • electric_nan@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              2 months ago

              The user above was essentially saying “never trust a Chinese developer”. That is irrational and hysterical. I would say the exact same thing if I heard someone saying “never trust a Russian/American/Indian/English/etc developer”.

              • ArcaneSlime@lemmy.dbzer0.com
                link
                fedilink
                arrow-up
                1
                ·
                2 months ago

                No he wasn’t, he was saying never trust Chinese proprietary code (blobs), because they can compel citizens. If you can audit the code you can audit the code, the country becomes irrelevant.

                Furthermore in this instance even if he was saying “don’t trust chinese devs,” not because they’re bad people, but “because they live under an oppressive regime that can force them to do the bad thing,” that’s still not racist, it’s still a criticism of the regime itself that very well could be rectified (well good luck.)

                • electric_nan@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  2 months ago

                  Chinese blobs are no more or less trustworthy than any other blobs. The Chinese government is not more or less willing or capable to force a Dev to do the bad thing.

                  • ArcaneSlime@lemmy.dbzer0.com
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    2 months ago

                    Exactly, but being that this thread involves the country known as China, the reason to distrust those proprietary blobs is the CCP. If this thread were about an american dev, the threat would be NSA/CIA, if Russian FSB, on and on, as such.