this post was submitted on 23 Oct 2023
341 points (95.7% liked)

Technology

59314 readers
5725 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
341
Raspberry Pi 5: available now! (www.raspberrypi.com)
submitted 1 year ago by simple@lemm.ee to c/technology@lemmy.world
73 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] SmashingSquid@notyour.rodeo 12 points 1 year ago (2 children)

Yeah I’d like a source too because what they said makes no sense. The immature way they responded to criticism of someone they hired is a good reason to be turned off of the pi, no need to actually make up something ridiculous.

[–] Adanisi@lemmy.zip 6 points 1 year ago (2 children)

I think they're referring to that one time they installed a Microsoft repo on Raspbian without permission.

[–] SmashingSquid@notyour.rodeo 8 points 1 year ago (4 children)

Thanks, that makes more sense. According to an article on ars it doesn’t actually install anything so I don’t see their problem. All they have to do is comment out the line or just use a different distribution.

[–] Evilcoleslaw@lemmy.world 7 points 1 year ago* (last edited 1 year ago) (2 children)

It was removed a month later anyway. Now VSCode can be installed through the main Raspbian repo.

[–] Buffalox@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

OK they apparently did, but apparently they did it silently, at least I never noticed, maybe because I switched to Debian?
I actually thought it was still there!

https://forums.raspberrypi.com/viewtopic.php?t=306597

But you are right they did it after about a month. If only they had owned up to it. Or at least announced it more clearly.

[–] Adanisi@lemmy.zip 4 points 1 year ago

I think the main problem is just screwing with the system like that without permission. I mean, I know I was pretty pissed off when I found a Microsoft repo in my sources one day. It's not like it was a standard update or anything.

[–] BearOfaTime@lemm.ee 2 points 1 year ago (1 children)

For the overwhelmingly paranoid, there is one further possibility: if Microsoft were to make packages available in its repo with the same names as packages in the standard raspbian.raspberripi.org repository specified in /etc/apt/sources.list, it could override the "real" system packages with others of its own making.

I love the "overly paranoid" label, when you're talking about a repo than can alter "real system packages".

In what world is this OK?

[–] SmashingSquid@notyour.rodeo 4 points 1 year ago

That’s not the same as their claim that Microsoft software was pre installed and has access to your system which is what I’m arguing was incorrect.

[–] Buffalox@lemmy.world -1 points 1 year ago (1 children)
[–] SmashingSquid@notyour.rodeo 6 points 1 year ago (1 children)

Explain how adding a Microsoft repo that doesn’t actually install anything is the same as giving Microsoft access to your device?

[–] Buffalox@lemmy.world -2 points 1 year ago* (last edited 1 year ago) (1 children)

OK if i must...

The raspberry pi came preinstalled with a Microsoft developer tool, which resided in a Microsoft controlled repo.

Now Microsoft has root access to your system, whenever you make any kind of upgrade, and can change dependencies for that tool to anything in their repo. Basically granting a third party control over your raspberry pi.

The worst is that it's very difficult to prevent, you may look up guides to prevent Microsoft repo, and even these solutions have shortcomings.

https://arstechnica.com/gadgets/2021/02/raspberry-pi-os-added-a-microsoft-repo-no-its-not-an-evil-secret/

On top of that, this enabled telemetry which is borderline illegal in EU.

It also means you ping Microsoft with every use of your package manager, granting Microsoft very useful information on a competing OS, plus giving them information you may not wish to give them.

You may consider all these issues as non issues, but I do not.

Edit:

It did not come preinstalled.

[–] SmashingSquid@notyour.rodeo 3 points 1 year ago (1 children)

Finally, performing apt policy code confirms that Visual Studio Code was not actually installed on my system—it's just easier to install (and update!) now, since its parent repository is part of my sources list, along with the GPG code verifying the contents of that repository.

It didn’t come pre installed with the tool. It only had the repo. Did you even read your own link?

[–] Buffalox@lemmy.world 0 points 1 year ago

Corrected.