GnarfGnarf a day ago

I'm a Windows/macOS developer, but I strongly feel that all national governments need to convert to Linux, for strategic sovereignty. I'm sure Microsoft, under orders from the U.S. government, could disable all computers in any country or organization, at the flick of a switch.

Imagine how Open Source Software could improve if a consortium of nations put their money and resources into commissioning bug fixes and enhancements, which would be of collective benefit.

Apart from a few niche cases, the needs of most government bureaucracies would be well served by currently available OSS word processing, spreadsheet, presentation and graphics software.

jll29 a day ago | parent | next [-]

The sabotage scenario is perhaps less likely than the alternative scenario of industrial and political espionage.

There are also practical advantages: the ability to fix a bug in-house instead of waiting for a technology giant from another continent.

whstl a day ago | parent | next [-]

Less likely? This is exactly what happened earlier this year.

Here's an article from the same newspaper that showed up to me as "related" when browsing TFA:

https://www.heise.de/en/news/Criminal-Court-Microsoft-s-emai...

nroets a day ago | parent [-]

So you point to one instance of highly targeted sabotage aka sanctions. But Snowden and others exposed many instances of espionage dragnets.

lo_zamoyski a day ago | parent | prev [-]

> the ability to fix a bug in-house

Yes, but bureaucracies make this impossible. If you have worked at a bank before, you'll know how difficult it is to make a change to some in-house piece of software. And that's a bank, not a gov't institution. Think how much more friction there will be in the latter.

Terr_ a day ago | parent | next [-]

It's funny, I was doing some budgeting stuff, and I ran into some corruption of payee-data in my bank's export files.

Good: I already wrote a script to fix the exact same issue.

Bad: It was in a pile of old stuff from 10+ years ago.

Good: It worked anyway.

Bad: The bank still has the same bug.

__d a day ago | parent | prev | next [-]

At a certain size (and government departments are absolutely large enough) it makes sense to manage software deployment centrally, from an internal package repository/cache.

Once that’s in place, the process for populating that repository can easily adopt locally modified versions of upstream software: defaults changed, bugs removed, features added, etc.

No one in a big business/government blinks at changing group policies for internal deployment. Changing the code is really very little different once the ability to do so is internalized.

grim_io a day ago | parent | prev | next [-]

The culture can only change when it actually becomes possible to make any changes to the systems.

If all the software one institution uses comes in the form of proprietary binaries, there is simply no need to even think about making policies about fixing those systems in-house.

nickff a day ago | parent [-]

These institutions don’t bother making fixes where they can, so it seems unlikely that giving them more options will change much. Ironically, things like Windows auto-update being the default probably actually help their IT departments maintain some level of security.

grim_io a day ago | parent [-]

Auto update is not rocket science. Linux distributions have it too.

1718627440 a day ago | parent [-]

Yeah and it is better. Most things can be updated without a reboot and even for the kernel, you can either live-patch it (not always possible) or reboot only the kernel.

jimnotgym a day ago | parent | prev | next [-]

I wonder if it is in fact easier in a German region than a bank though. A bank has massive compliance complications, where the state insists on rules being met, so there are teams of people trying to make sure no rules are being broken, and therefore anti-change. Germany is a Federal system, and the region has law making powers, a bit like a US state. Therefore it can set the rules to make sure migration to a new system happens. If big fixes are not allowed, they have themselves to blame. At a bank it is the state causing the friction.

petcat a day ago | parent | prev | next [-]

EU bureaucracy is where optimism goes to die

graemep a day ago | parent | prev | next [-]

Governments have more to gain from being able to work with a few big companies on things like surveillance than they do from sovereignty - which many of them regard as an out of date idea anyway.

Despite all the talk about sovereign cloud the actual governments are actually going the other way.

1. The Online Safety Act in the UK pushes people to use big tech more rather than run stuff independently - the forums that moved to social media.

2. EU regulatory requirements that help the incumbents: https://www.theregister.com/2025/10/27/cispe_eu_sovereignty_...

3. ID apps in multiple countries that require installs from Google or Apple stores, and only run on their platforms.

4. The push to cashless which means increased reliance on Visa, Mastercard, Apple and Google.

To be clear I do not think that any of these things are in the public interest. However the government is not the public, and the public (and probably a lot of the government) has deeply ingrained learned helplessness about technology.

al_borland a day ago | parent | prev | next [-]

Today when a government pushes for a backdoor we often see companies push back. The FBI publicly complained about iMessage encryption a lot, and currently Apple is also telling the government of India they aren’t going to install their “security” software… those are just a couple examples.

What happens when major OSS projects are controlled by the governments themselves? Will David still beat Goliath?

lucianbr a day ago | parent | next [-]

How does anyone "control" an OSS project in the sense that you are talking about, so the ability to insert backdoors or activate kill-switches? Maybe Linus controls Linux, but can he "flick a switch and kill" any running kernels? He might be able to insert backdoors, but will they go unnoticed? Would anyone be forced to install them? Just patch the code to remove the backdoor.

I feel that you wrote some words that only seem to make sense if we don't think about them too much.

LexiMax a day ago | parent | next [-]

> How does anyone "control" an OSS project in the sense that you are talking about, so the ability to insert backdoors or activate kill-switches?

A government can control a piece of open source software the same way a big tech company does - with economies of scale. In other words, by throwing more money, resources, and warm bodies at their open source projects than anybody else.

The code itself might be under an open license, but project governance is free to remain self-interested and ignorant of the needs of the "community."

Any pull request accepted from outside isn't a mutual exchange of developer labor for the benefit of all, but the company successfully tricking an outside developer into doing free work for them.

Any pull request that runs counter to the interests of the company can and will be ignored or rejected, no matter how much effort was put into it or how much it would benefit other users.

Any hostile forks are going to be playing a catch-up game, as community efforts cannot outpace the resources of most large companies.

notpushkin a day ago | parent [-]

As long as upstream is open source, forks can just keep syncing. At some point, the upstream will then usually switch to open core, or some sort of delayed open source, but often that leads to people leaving for the open forks, hopefully donating to them, too.

(Gentle reminder to subscribe to donate to a FOSS project or two that you use.)

LexiMax 21 hours ago | parent [-]

Which projects are you referring to here?

Because in my experience, the projects that I can think of that switch to open core are those that are started by smaller businesses when a large multinational tech company starts to mess with their revenue streams.

In that case, I don't fault them in the slightest. As a matter of fact, I think these days it's now a sucker's bet to build a company around an open source product. Free software? Maybe. Source available or open core from the start? Possibly. A fully permissive license that in the outside chance my product is successful, suddenly puts me in competition with Amazon and Microsoft, so they can kill my business with my own software? Forget about it.

notpushkin 20 hours ago | parent [-]

Yeah, I don’t fault them either. It’s a shitty situation to find yourself in. That said... they went with a permissive license, so they knew what they’re getting into.

I think the main reason they do that is because AGPL is a turnoff for a noticeable chunk of corporate users, and you do want those users. Dual licensing should work here in theory, and does work in practice for some – no idea why we don’t see it more often. (I have a project-not-quite-startup-anymore [1] under AGPL, but I do keep around a CLA for outside contributors just in case.)

[1]: https://lunni.dev/

rocqua a day ago | parent | prev | next [-]

Linux is not a smart target. But OpenOffice, nextcloud, postfix, those are much easier targets for developer coercion to compromise widely installed software that is important for "linux on the desktop". Ah and of course also the desktop environments, and perhaps systemd are all in a privileged position with much less eyes on.

al_borland a day ago | parent | prev [-]

The thought was that the government would effectively become the largest employer of OSS developers who would then be compelled to follow directions or be out of a job. Would there be enough independent developers to review millions of lines of code, patch out any back doors, or fork and maintain entirely separate projects, since none of the government projects can be trusted?

Could the government also dictate the operating system and software people use to make sure it is the state sponsored one? If I’m not mistaken some similar actions have happened in N Korea and China.

I’m not saying this is an inevitable outcome, but just trying to think of worst case scenarios. A lot of terrible things have started with good intentions.

p2detar a day ago | parent | next [-]

> Would there be enough independent developers to review millions of lines of code, patch out any back doors, or fork and maintain entirely separate projects, since none of the government projects can be trusted

That’s not far from how it is right now in OSS, even without governments in the chain. For example: how the xz back door was found: https://en.wikipedia.org/wiki/XZ_Utils_backdoor

lolc a day ago | parent | prev | next [-]

You're saying that a state can upstream patches with planted backdoors. Truth is, this is possible in all software. It's not specific to state-sponsored open source software. So your scenario is a reality whether you want it or not. And open source is not particularly vulnerable either. People forget this.

Now a lot of people would be angry if my state decided to spend money on security flaws. I imagine an elected representative trying to explain how they wanted to misspend funds allocated to improve software and plant flaws instead. That would not go down well here or in Germany. Try to hire people for this in Germany and see how long you last till your little op is public.

cindyllm a day ago | parent | prev [-]

[dead]

Spooky23 a day ago | parent | prev | next [-]

Maybe. I highly doubt Apple or any other company isn’t complying in some way.

It’s been widely speculated that there are gentleman’s agreements where strategic bugs do not get fixed. To Apple’s credit, unlike say BlackBerry, they designed iMessage where many of the intercept methods are tamper evident.

hamdouni a day ago | parent | prev | next [-]

Fork the project.

belter a day ago | parent | prev [-]

Apple sat behind the most corrupt US President in history at its inauguration, donated to a ball room and millions of dollars for other unspecified purposes. Is your argument that they will not fold... or that the backdoor is already in place? :-)

pjmlp a day ago | parent | prev | next [-]

Similar opinion and source of income.

Linux for starters, however even that has too many US contributions.

In general, we need to go back to the cold war days, multiple OSes and programming languages governed by international standards, with local vendors.

If sovereignty is desired, it can't stop at Office packages.

mattip 19 hours ago | parent | prev | next [-]

> Imagine how Open Source Software could improve if a consortium of nations put their money and resources into commissioning bug fixes and enhancements, which would be of collective benefit.

This is the business model of Quansight Labs, whose employees help maintain much of the scientific Python stack. Mostly tech companies, not governments, sponsoring the work.

rocqua a day ago | parent | prev | next [-]

I doubt that Microsoft has a kill switch. Though through automatic updates they still have pretty strong sabotage capabilities.

But the OS is not where Microsoft's power lies. It's in Exchange (almost everywhere cloud managed, including for many governments) and SharePoint, with a small amount of Teams, where Microsoft is truly a scary prospect for sovereignty.

codedokode a day ago | parent | next [-]

They have the kill switch, it is called a "cloud account". Nowadays you need a valid cloud (MS-controlled) account to log into your computer.

Aperocky a day ago | parent [-]

Haven't used Windows in almost a decade, has it gotten that bad?

I can't log on to a Windows computer if the cloud account doesn't exist? What if there's no internet?

d3Xt3r a day ago | parent | next [-]

It caches your credentials so you can still login offline. But you do need to be online when you're logging into your PC for the first time, post-install.

There are some unofficial hacks to bypass the online account requirement, but MS have been actively stamping these out. Now the current situation isn't like it's impossible to bypass this, mind you (as far as I'm aware there's at least a couple of workarounds), but normal users won't know/care and will end up just creating an online account.

sirjaz a day ago | parent [-]

If you have Pro or Enterprise you can still set up a local account. It is Home edition that is the issue.

1718627440 a day ago | parent | prev [-]

> What if there's no internet?

Surely that is something only a criminal would say.

smodo a day ago | parent | prev | next [-]

The kill switch is M365 account management. You take that offline, many SMEs and local governments just stop working. At least for a while.

karussell a day ago | parent | prev | next [-]

> pretty strong sabotage capabilities

Via updates they can install and run anything they want ... aka 'kill switch'.

rocqua 12 hours ago | parent [-]

Not quite. Because that requires pushing an update and only hits those who have Windows automatic updates enabled. A lot of companies run those updates on a slight delay, which means they have a decent enough window to block such an update. Microsoft is a big thing to worry about when it comes to independence from the emerging fascist government of the US. But not because 'they can shut off Windows'.

The short-term fear should be in enterprise cloud (see ICC judges). The long-term pain lies in blocking security updates (as happened to Russia). One might worry about malicious updates being pushed, but the legal grounds for that are flimsy to non-existent, and Microsoft has very strong business reasons to push back. So even the Trump administration would be smart enough to instead target the cloud solutions. Since the legal precedent is very clear and well lubricated "providing services to sanctioned entities", and the business impact is equally crippling.

1718627440 a day ago | parent | prev [-]

They absolutely have. They force upgrade computers to Windows 11, which then won't boot, because the system doesn't actually support it. I guess they also have a smoother way to achieve that. There are also cases where an update broke the booting process, so the BitLocker key was lost. Everything is encrypted with it by default, and the only copy sits on a MS server connected with your MS account. Guess what happens when they say sorry, we can't just give you that key...

consumer451 a day ago | parent | prev | next [-]

I have a possibly strange take.

Isn't the code of law the original open source, for very good reason?

As law becomes more and more enforced by software, should it not all be required to be open source?

newsclues a day ago | parent | prev | next [-]

I feel like there should be an open project to manage and support this.

I think governance (both public and private) would benefit from open tools to manage communities at scale via technology.

tonyhart7 a day ago | parent | prev | next [-]

"the needs of most government bureaucracies would be well served by currently available OSS word processing, spreadsheet, presentation and graphics software."

wait until they find out that there is no "customer service" in OSS, sometimes the project is fine but people need "someone" to be held accountable in some ways

that's why a lot of OSS project never take flight

TRiG_Ireland a day ago | parent | next [-]

There absolutely can be "customer service" in OSS. You can usually find someone to pay for it.

1718627440 a day ago | parent | prev [-]

Customer service is how OSS companies make money.

crazygringo a day ago | parent | prev | next [-]

[flagged]

homarp a day ago | parent | next [-]

indeed https://news.ycombinator.com/item?id=44336915 - Microsoft suspended the email account of an ICC prosecutor at The Hague

then https://news.ycombinator.com/item?id=45837342 - ICC ditches Microsoft 365 for openDesk

crazygringo a day ago | parent [-]

Yup.

Microsoft pledged not to intervene like that again, reclassifying its legal interpretation of its own services, and added language to its contracts to guarantee that it would fight future US attempts to do so:

https://www.politico.eu/article/microsoft-did-not-cut-servic...

When the US manages to force Microsoft to do something, it responds by trying to protect itself from the same scenario in the future. Because it wants profits. The ICC leaving Microsoft is the last thing Microsoft wanted.

graemep a day ago | parent | next [-]

That does not really make much difference. The US can still sanction people working for the ICC very effectively:

https://www.heise.de/en/news/How-a-French-judge-was-digitall...

and it can demand access to data:

https://www.theregister.com/2025/07/25/microsoft_admits_it_c...

crazygringo a day ago | parent [-]

None of that has anything to do with whether Microsoft is trying to assist the government. The cloud companies are doing what they can to protect themselves against these government actions.

graemep 14 hours ago | parent [-]

> The cloud companies are doing what they can to protect themselves against these government actions.

No, they are doing what they can to convince customers that they are trying to protect themselves against government actions.

In fact it's all smoke and mirrors. See the second link. AWS have admitted that the Cloud Act does allow the US government to compel access to French data.

dietr1ch a day ago | parent | prev | next [-]

oh, pinky promise? sure, let's keep sovereignty at stake then, all good.

crazygringo a day ago | parent [-]

Lengthy contracts between nation-states and corporations, developed and reviewed by teams of lawyers, and enforced by judges, are not exactly "pinky promises."

zelphirkalt a day ago | parent [-]

They will become pinky promises, once Microsoft gets ordered to do something by orange man or some three letters. There isn't really anything Microsoft can do about that, unless they decide to move headquarters and lots of employees out of the US. It basically doesn't matter what they have in contracts, as US law or just political power with access to enforce that power trumps (ha) any contracts they can sign.

crazygringo a day ago | parent [-]

> There isn't really anything Microsoft can do about that, unless they decide to move headquarters and lots of employees out of the US.

Actually there is, that's what the entire point of the sovereign clouds are. They reside physically in Europe, with legal control by Europeans, and European employees that can't be bossed around by the US. If the US orders Amazon to retrieve data from S3 servers located in a European sovereign cloud, Amazon employees in the US don't have the technical capability to do so, and the European data center employees are legally bound not to.

zelphirkalt a day ago | parent | next [-]

If those employees were working in a vacuum, then sure, but in reality they are not.

Employees have bosses and those bosses have bosses, and those bosses have bosses in the US. If not direct bosses, then at least people higher up in the context of all of Microsoft, who can pull strings, criticize them, categorize them as unreliable, and make their life hard, or even bring into motion that they are made to give up their position or are let go. Most people don't want a hard life at the job and be bullied. It is likely, that people joining Microsoft don't have the strongest moral compass anyway, so them sticking their neck out for European data protection, and losing what comfy life they have, including probably exceptional ...

Company politics are not to be underestimated. The question becomes who selects and vetoes higher ups in those sovereign clouds.

European governments cannot trust US companies, even when they have inner-EU parts, because influence from the US cannot be ruled out.

homarp a day ago | parent | prev | next [-]

https://www.theregister.com/2025/07/25/microsoft_admits_it_c...

"Microsoft admits it 'cannot guarantee' data sovereignty: Under oath in French Senate, exec says it would be compelled – however unlikely – to pass local customer info to US admin"

homarp a day ago | parent | prev [-]

and in reverse https://www.theregister.com/2025/11/27/canada_court_ovh/

rusk a day ago | parent | prev [-]

You said

> Where does this kind of conspiracy thinking come from?

Now you say

> Microsoft pledged not to intervene like that again

You are full of it

crazygringo a day ago | parent [-]

> You are full of it

Not appropriate for HN:

https://news.ycombinator.com/newsguidelines.html

whstl a day ago | parent [-]

You’re dismissing the idea of interference one second and then excusing an example of such interference in the next.

People don't want political interference between countries to happen again and you're calling it "conspiracy thinking".

The snark of the above poster is the least problematic thing here.

crazygringo a day ago | parent [-]

No, you have it 100% backwards. I'm saying Microsoft is incentivized to not allow interference, and this is strengthened by the fact that when a government forced interference, it took steps to strengthen itself against future interference.

So in light of that actual evidence, yes I am calling it conspiracy thinking to suggest that Microsoft has built in some kind of kill switch to make it easier for the government to do things that are against its corporate interest. Because that's literally what it is -- imagining some kind of conspiracy where Microsoft wants to help the US government, instead of its own bottom line.

Explain to me what's problematic about that?

And whatever you think about the arguments on either side, snark is absolutely a problem on HN. We can't have civil, productive discussions with it, and if you say it's "the least problematic thing here", then that's part of the problem too. Let's be better than that, how about?

whstl a day ago | parent [-]

Sorry but I still disagree. Calling other people's legitimate concerns "conspiracy thinking" is worse than the snark.

IMO that's what we should be better than.

And I get what you're arguing for, I just don't see it as plausible or realistic.

crazygringo 21 hours ago | parent | next [-]

There's zero evidence that Microsoft could shut down computers across a nation. Zilch. Nada. None.

Meanwhile, OP asserted they are "sure" Microsoft could do it at the "flick of a switch". Under orders from the US government.

That's absurd. If that's not conspiracy thinking, I don't know what is. A literal conspiracy between the two entities. When something is actually conspiracy thinking, you're allowed to label it as such, you know? You're trying to police ideas here, and that's entirely inappropriate. Be better.

whstl 16 hours ago | parent [-]

This is a strawman.

They can (and will) switch off individual accounts from the US if the government asks them, and this has been demonstrated earlier this year.

No, they haven’t coded a “country-wide kill-switch” but having the ability to kill individual accounts, and being in a jurisdiction that demands accounts to be disabled from time to time is equivalent to having such a thing.

Also: Remember that several US organizations, including GitHub, have disabled thousands of accounts from eg Iran in the past in such maneuvers.

So: definitely feasible and has definitely happened in the past, with or without the mythical kill switch you talk of.

rusk a day ago | parent | prev [-]

Ignore the fool

rusk a day ago | parent | prev [-]

> Where does this kind of conspiracy thinking come from?

The news in your jurisdiction might not cover these matters

https://www.breakingnews.ie/world/trump-sanctions-on-interna...

crazygringo a day ago | parent [-]

...and how did Microsoft respond?

https://news.ycombinator.com/item?id=46182023

Also, how about less snark about the "news in my jurisdiction"? Since the first amendment provides more press freedoms than many European countries have.

SoftTalker a day ago | parent | prev | next [-]

Prudent to assume that the same is possible with Linux.

myaccountonhn a day ago | parent | prev [-]

I agree, but it also feels like it would be so difficult. It requires a ton of training, the UIs are not flashy so people are going to feel repulsed (I unironically found looks to be a big blocker when adopting open source tech) and finally Microsoft is going to lobby incredibly hard against it. I wouldn't put it past Microsoft to actively sabotage any adoption.

whstl a day ago | parent | next [-]

This excuse is as old as the hills and I've been hearing it since the late 90s, but historically there has been exactly zero training between versions of Office or Windows that changed a lot of the interface overnight. Office workers just kept using them like the rest of the planet.

Not to mention companies who moved on to Google Docs or the web version of Office. Or companies who moved to MacOS 15-10 years ago.

In my state back home the entire workforce moved to LibreOffice and, according to my sister (a government worker), everyone is doing fine. Recently I saw a German government worker using Office to produce a document and she mentioned that she "barely knows how to use it" and "just knows how to load templates, fill and print".

This hypothetical problem of "needs training" only seems to exist when you mention the words "open source".

dietr1ch a day ago | parent | prev | next [-]

> - It requires a ton of training, the UIs are not flashy so people are going to feel repulsed (I unironically found looks to be a big blocker when adopting open source tech), and finally Microsoft is going to lobby incredibly hard against it.

I think everyone agrees the costs are high, especially beyond monetary ones, but this stance on avoiding these costs is slowly pushing everyone into finding out how expensive is not having sovereignty.

Through its tech industry the US has over time acquired too much power over critical digital infrastructure that has already compromised governments. We know of Presidents/PMs/Legislators spied upon through their phones and computers, and also Microsoft itself involved in revoking email access to the ICC's chief prosecutor as retaliation/defense against investigations.

Sovereignty is too important for government, and since everyone needs to do it and get security right going for open-source with funded development and constant auditing is in my mind the only way.

GoblinSlayer a day ago | parent | prev | next [-]

>UIs are not flashy

Where did you see flashy UIs? Modern UIs are boring flat geometric monochrome shit and Microsoft is one of the worst there.

blibble a day ago | parent | prev [-]

not being able to be coerced by the US regime is a huge strategic requirement that no amount of lobbying by Microsoft will be able to overcome

ThrowawayR2 a day ago | parent [-]

The employees don't care about software sovereignty. They just want to do their jobs and get their paychecks. Fail to win them over and the transition will fail as well.

blibble a day ago | parent [-]

you might be right if it was american employees

germans have been quite riled up by US escapades