I'm glad to hear the EU is open to discussion. I appreciate that they just want better security online. They just don't seem well equipped to understand FOSS, or even the concept of libraries tbh. If they drop it I will be quite impressed.

The cookie warning regulation is a perfect example of how the EU isnt technically suited to regulate software or the internet yet. They need to improve their processes. Its too old world to be effective.

Of all things that need regulating, I'd say that the OS vendors should have no right to force/do deals with hardware manufacturers to only allow their OS to be preinstalled. Be it, laptops, phones or other hardware form factors. If this was stopped, I don't think companies such as Microsoft & Google would have such a monopoly over the operating systems market share in mobile phones & laptop computers etc...

even large corporations have a vested interest in free and open source software, yet short sighted profit chasing has lead to them to consider FOSS an enemy even though hurting FOSS will hurt these large corporations in the long run.

The more this goes on the more suspect everything about this becomes. The legislators are jumping an awful amount of hoops to avoid putting down the phrases "open-source excluded", "non-profit excluded" etc. There's already a clear definition of "non-profit organization", yet in the previous drafts they used cumbersome and leaky alternative definitions with peculiar phrasing. This seems like non-aligned (in the sense of cyber security) interest groups are hitching piggy-back rides for their own purposes: almost every year some for-profit-companies offering some stale stagnant software/service are obsoleted by some almost-good-enough-foss project, these companies would benefit from imprecise wording and dubious phrasing in the definition of "open-source non-profit". A shame that the EU legislation seems to also have adopted the German "Neuland" mindset. A shame that the EU parliament also seems massively disconnected from affected and involved citizens relying exclusively on personalities and institutions (each with their own agendas). All of this could be done and over with, with "non-profit open-source organizations and individuals excluded" and the omission of those bullshit redefinitions of "non-profit". In more informal words: way to shit the bed, EU.

If 80% of the software is open source then probably there is an easy way to get the EU to drop the law for open source projects: just give them a taste of what it would be like if all those projects disappeared by having major open source projects go dark and suspend all downloads for one week. The resulting crapstorm should make it clear this law is not a viable solution.

Thanks for your take on this topic. It's refreshing to know that OSS orgs are pushing back against this legislation.

Nicco: Do you remember? Me: 21st night of September?

people who don't understand computers shouldn't be making laws about computers

Certified for evil bureaucrats :D.

Proprietary and Closed Source = Corporate Greed Free and Open Source = Freedom

Thanks bro, FOSS is everything and everywhere.

You pronounced his name correctly, he used to he my boss :)

We need to support FOSS and keep corporations in check. Hopefully, the EU can do this correctly.

I’ve been using that “damn… we’re in a tight spot” line for years…. I can see it works a lot better with a picture 😂

If you were a prison guard, would you want weaker inmates, and more control over them, or stronger inmates, and less control over them?

I disagree about the Ericsson quote interpretation at 4:43 , (and I'm not otherwise informed about this case, I didn't read the full letter, I couldn't find it, nor am I a lawyer). My interpretation of the quoted snippet is quite the opposite: To me it sounds like they're saying "Hey, these regulations on competitors cooperating don't have any carveout for open source. Please change them to clear it up that cooperation for open source is ok". I've worked in big enough companies to know that if something like this is ambiguously worded the company lawyers won't let you take chances so I can see a lawyer at Ericson saying that without specific text makes it clear that there's no risk in cooperating for open source it would be a problem. Otherwise every time an engineer from Nokia chats with an engineer from Ericsson about a kernel commit (for instance) they'd have to check with legal. At least that's what I would have understood from the quoted snippet.

Solution: define Open Source Non Profit. Why they don't use that wording smells of big money.

Thank you for your great and important contributions. Keep up the good work!

Your English is actually very good and you pronounced Phipps correctly.

Not sure whether I should be asking Nicco or the editor but I'll keep asking to stop putting random unfunny facebook memes that look like they were put just by the first google image result as "[word said in the video] meme". They're pulling the video quality down which is otherwise really good.

This is why the Admins of old actively beat their users. Weakness is disgusting. Live by the supply chain and die by it, you don't get any more Tradeitional than that. Freedom of Code.

To be honest I've reached a point where I thing a lot of regulation is just useless and should not exist or come to existence in the fist place. You just need real liabilty of the manufacturer/service provider. And if you're just using Open Souce software, that's excluding this liability and without a contract granting you manufacturer liability, then sorry, you're on you're own. That's how the world works... Of course there are things where regulation is necessary. But I don't think most of software is. Most software products won't be able to kill someone, and even for critical systems, like for example software controlling the electrical grid, just putting a CE certification on the software stack of the servers won't solve anything... Also I think we've already reached a point where there is so much regulation, that no company or project is and can follow everything. It also leads to a situation where people just follow the regulation/certification guidelines without thinking about it and missing the big vulnerability in their product. I would rather like to see developers working on the security of their software on their own terms then going though a checklist...

14:19, lack of mouse wheel based screen zoom, cinnamon can do it, XFCE can do it, yet other desktop managers like GNOME, GTK or whatever it was (can never remember), until they do f**k their desktops

I thought another issue with the CRA is that it basically outlaws publishing software with bugs as I understood it?

If it's the EU asking for it, can't be anything good. Those people always come up with bad ideas masking for good ones. Control is what they aim.

FOSS is so important. I hope they make all the right decisions

The DSA is also there !!! as people dont cae about their privacy at all anymore who cares about Linux unless the 5% worldwide who use it on private biasis? thats the problem - linux did not gain significant market domination in the last 30 years...still most are running WIndows and this is for a good reason.....GUX on Linux is still a mess.....if linux just would be as safe and comfotable to use like windows is....(after a rework on it ) ... All Digital Data are in danger now !! and people still dont know how to find "developer mode" on their mobiles....that the problem - people dont care about ..they just repeat " i dont have anything to hide ".....with that kind of culture you dont lead a revolution !

I switched to linux a month after getting a steam deck, this was over a year ago and after over 20 years of windows, kde on the steam deck is what gave me the courage to swap, looking back lol I like kde more than the desktop I wanted it to be like, ty to you, the kde team, and valve this was the best year I have ever had in tinkering. I have swapped my parent's comps, little brothe swapped to just a steam deck and both my sons do their homeschooling and gaming on their desktop linux pcs lol I'm still a total noob but linux has come so far I can use it for everything I did in windows and only 1 private server game I play on required the terminal for a simple copy paste mono install after that lutris took it from there

Make the certification optional so clients can decide and it doesn't become a bureaucratic nightmare.

Very True...

Stop taking photos during your video. Thank you for coming to my Ted Talk.

Having a certification for those things is fine. Requiring that certification for software that governements and people employed directly by the state/EU/whatever use is also fine. Banning the product from being used in whole of EU because of this is stupid. Obviously it's not only bad for open source projects, but also for smaller comercial software solutions that just don't have the money to do the certification. EU has some very good ideas that are well implemented, some ideas that are badly implemented and some that are plain terrible and however they are implemented is bad. Sometimes they just have a brain fart and best you can hope is people there or people in general can vote against those brain farts in those cases. Am i saying CRA is bad? No, just depends on what they want to do with it. Honestly GDPR is in my opinion one of those ideas that sounded good in theory, but isn't regulated properly and all in all is close to useless.

For the love of God....We don't need these bureauomorons telling any independent developers or groups what they should do. They don't even understand the technologies they have the temerity to decide to regulate. How do you even regulate something entirely voluntary?

Bedankt

dall'Italia che si può fare ?

Thanks for making this video. Yes, English law and politics are hard. Even as a native speaker, I get mild headaches reading that kind of stuff.

Isn't EU on track for agenda 2030? Because from what I can gather, the agenda 2030 includes ending with open-source because that would lead to ownership.

I'd be OK with outlawing Gnome.

Almost all legislation (excepting counter-legislation or repeal) is bad legislation. Rules should arise naturally from the repetition of attempts to fairly resolve disputes in a way that is designed to prevent violence. The real problem here is that these three things "the state", "antitrust" and "intellectual 'property'" law are solutions in search of a problem They don't truly solve much (this is because as Thomas Sowell said - there are no solutions - only trade-offs) , they merely expand the scope of problems to be resolved. Big tech (particularly the most nefarious parts) is largely a creation of the state. States, as they gain more power, largely move in one of 2 directions, but both arrive at totalitarianism if left unrestrained (the 2 directions being socialism, or corporatism.) Restraining states becomes more difficult as states grow in size. States are fundamentally nothing more than a territorial monopoly over "legitimate" aggression. They are not wholly different than the mob or any criminal cartel that protects its turf with armed thugs. The reason they appear different is that they are "smarter" than these other organizations. To rob and oppress other people and feel good about it, it's necessary to feel like you are doing neither. So the most important party to deceive if you are within the state (or desire to join it) is yourself. Once you are able to engage in this self-deception, teaching yourself that you are necessary to restrain all forms of bad behavior, or even potential bad behavior, is quite simple. The smartest people are the best at engaging in this form of self-deception, and in convincing others of it in turn. All of the parties involved in politics are ultimately engaged in this same process in slightly different directions. A small number really do want to restrain the state in particular areas, but if they last for very long, they are almost always also full of people who realize that the long term interest of the organization is not to fix the problem, but to merely mitigate it or to act as a controlled opposition. This way they can keep getting the funding from their donors. There are, on occasion, political means to restrict the state or limit it. This is easier to do the smaller the state is, and the less parties need to engage in constantly lobbying it for their slice of the pie. But the more parties need the state, the more parties cannot imagine it ceasing to provide that slice. They cannot oppose it, because it is what gives them what is most important to them.

Part of the problem IMO is that security is *hard*. Even the biggest corporations get it wrong sometimes. What about inexperienced and hobbyist developers? I just don't think it's practical. If it's something safety critical, like a fly by wire system for aircraft - that should be regulated, sure. But those are pretty narrowly defined systems with very limited scope. I don't see how it would work for the broader ecosystem of general purpose software. It's not like developers don't want secure software - a lot of time and effort has been put into making operating systems secure, creating sandbox environments, etc. We definitely want it. If it were easy, we'd already have it. I don't think regulations would make everything more secure, they'd just run a lot of good developers out of business.

09:48 subtitles: abandoning git

I'm in the UK so no longer in the EU unfortunately ... (I voted against the idiocy that is Brexit) is there anything I can do ?

It wouldn't make sense to put open source disadvantaged. With open source you can at least inspect the software you are using so you have a general idea of how secure it is. With closed source you are entirely dependent on the software provider. With open source the disadvantage is the developer needs to be willing to put in the extra time to fix security issues, but it's still necessary. With closed source the main goal is to make money, so there is no incentive to provide security guarantees unless not doing so somehow creates legal issues and risks.

Still not patched?

are they regulate them as cucumbers? 😅 who even elected them

Quite simple to me: If anyone gets paid for your whatever kind of work, he has to make safe software. Infact, open source doesn't mean free/'not paid' software, a lot of companies make money with open source software, and these companies have to supply safe softwares/services. It's time for me to start learning the linux from scratch books 🤣.

Niccolo, your videos are great. But the current styling is getting a bit, um .., boring. At least for those who watch every one of them. I know I'm not supporting you financially because rn I earn less than you do lol. But maybe you can change the theming a bit. You know, KDE is all about kustomisation :)

Fu.. EU