Memes

45641 readers

1636 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

[email protected]

873

Hopefully Apple is only the beginning (lemmy.dbzer0.com)

submitted 1 year ago by [email protected] to c/[email protected]

103 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

According to this site they claim that “The Cyber Resilience Act should only apply to free open-source software that is developed or supplied in the course of commercial activity.”

Almost all FOSS development happens as part of a commercial activity.

The most obvious example is of course corporate sponsorship of FOSS projects, but even things like pull requests submitted to FOSS libraries by corporate employees qualify as “develop[ment] in the course of commercial activity”.

Linux is really the big thing I see it applying to and Linux is very Cyber secure, so I don’t really see issues there.

Linux does not and cannot comply with the demands of the Cyber Resilience Act. For example, the Act demands automatic update installation, which within a kernel is infeasible and unsafe. Linux will be illegal in the EU.

Furthermore, no company in its right mind is going to sponsor, or allow its employees to contribute to, any FOSS project if doing so creates the risk of fines. All corporate sponsorship of and contribution to FOSS projects—which, once again, is responsible for almost all FOSS development—will completely and instantly disappear in the EU, severely damaging the worldwide FOSS movement.

Needless to say, this proposal is catastrophically bad.