TPM is a dedicated chip or firmware enabling hardware-level security, housing encryption keys, certificates, passwords, and sensitive data, “and shielding them from unauthorized access,” Microsoft senior product manager Steven Hosking wrote last month, declaring TPM 2.0 to be “a non-negotiable standard for the future of Windows.”
I agree. People need to stop using GitHub already. Btw, Forgejo will be getting federation with ActivityPub.
I’m so excited for ForgeFed
You can also follow them on Mastodon https://floss.social/@forgefed
Normally, offloading cryptography to a different hardware module could be seen as a good thing — but with nonfree software, it can only spell trouble for the user…
Could someone explain more about this? What about TPM + proprietary OS is bad? What are the risks here?
It’s just FUD and made up shit. I hate MS as much as anyone else, but the statement is bullshit.
I’m okay to get downvoted.
But unless the solution provides a easy way to create issues and MRs, has high upstream and I can read the code in a browser, then I’m sticking with GitHub.
I say this as a person who contributes to open source and I absolutely know that if I hate something, I should fix it. But I’m dumb as rocks and I just want to contribute, and GitHub hasn’t Enshittified itself to a point that stops me from doing that. Yes, it’s under Microsoft.
I’ve tried a few others, and I keep going back to GitHub because it has the least barriers of entry. I can contribute, I can get feedback, and I can move on.
There are a few quite good alternatives, like codeberg.org and gitlab. But, im not really disagreeing. Perhaps out of familiarity, GitHub UI/Features is still my favorite.
I agree. But Codeberg is very similar to GitHub. I like it, more than Gitlab.
Gitlab is ok, and Codeberg is getting there.
I think the main thing that keeps me on GitHub is the network effect - all the other projects are there. They also have very generous (basically anti-competitive) free tiers.
I’m so tired of projects being like “We’re open-source” and then they’re hosted on GitHub, using Discord and whatever fucking other awful tooling they can get their hands on. Thanks guys. I’ll definitely check out your project, yes.
how does that make the project any less open-source?
what’s next, shaming project owners for living in a house that they pay for with a corporate job?
we get it, you hate capitalism, but that doesn’t mean other people want to go live in the woods too… gotta be realistic :)
They are still technically open-source. I’m not saying that they’re not. But they’re actively alienating users who want to use open-source, because those users cannot get support, report bugs or contribute to the project without using proprietary software.
How extreme do you have to be to only use websites if they are open source?? That’s roughly 0% of the web.
There are enough other reasons to switch away from GitHub…
