EU OS drafts a locked-down Linux blueprint for Eurocrats
- Reference: 1742903113
- News link: https://www.theregister.co.uk/2025/03/25/eu_os_free_govt_desktop/
Rather than a new distro, it's a [1]website that documents planning such a thing, what functions the OS might need, how to deploy and manage it, and how to handle users. Its aims are relatively modest, saying:
In the scope is everything that is necessary to deploy a Linux-based operating system to an average public body with few hundreds of users.
The proposed base OS – Fedora – is what gave us pause, though. In these times of heightened tensions between the US and – well, frankly, everyone, including large parts of the US itself – why pick the Red Hat-backed Fedora, an American distro, rather than one of European origin such as openSUSE? To be fair, the immutable Fedora KDE version, Kinoite, is among the most mature immutable distros out there. The Register [2]first looked at it over four years ago now.
The project is the brainchild of [3]Dr Robert Riemann, whose day job is at the European Data Protection Supervisor (EDPS), which has [4]been around for a while. He seems to know his stuff. We're rather impressed by the level of detail of the website, considering that it's only just launched. It discusses [5]project goals, some [6]use cases, and an outline of [7]functional requirements.
Significantly, it also addresses some previous efforts at doing similar things. The Register has looked at some of the ones it mentions over the years, including Munich's long-running LiMux project, from the [8]early days of 2004 to its [9]replacement in 2017. Our coverage of this also [10]mentioned the French Gendarmerie's GendBuntu, as well as the [11]Linux Plus 1 project in Schleswig-Holstein. We gather that [12]Astra Linux is doing well in Russia, too.
If it were us, we would have made some significantly different choices. We feel that KDE Plasma is overly complicated for a desktop environment that would need to be strictly locked down. Immutable Fedora is quite mature, but European alternatives do exist, notably the openSUSE-based [17]Kalpa Desktop.
More importantly, the concept of the rich local desktop OS is getting old and stale in this era of ransomware attacks. We feel that the FOSS world needs to build its own equivalent of ChromeOS – a simple, stripped-down stateless client desktop, with at least dual failover local partitions, which can talk over open protocols to sovereign cloud servers that organizations can host themselves. All the tools are there; it just needs someone to put the pieces together.
However, that is a whole other argument. The EU OS project is hosted on GitLab, and from the [19]source code we can see that it started on Christmas Day. For an effort that's only been in development for quarter of a year, it's plain that a lot of thought has gone into it. We really hope this grows into a significant and influential effort. ®
Bootnote
Before anyone writes in, yes, we are well aware that ChromiumOS exists, and it is open source. However, it's designed and built to [20]authenticate and synchronize only to Google's cloud . What we would like to see is something that could not only authenticate against open standards such as LDAP or OpenID, but also sync files over WebDAV or the like, as well as bookmarks, passwords, profile settings, and so on. At least for now, ChromiumOS doesn't qualify – and neither do ChromeOS Flex or FydeOS.
[1] https://eu-os.gitlab.io/
[2] https://www.theregister.com/2021/02/18/kinoite_immutable_fedora/
[3] https://blog.riemann.cc/about/
[4] https://www.theregister.com/2012/06/11/smart_meter_privacy/
[5] https://eu-os.gitlab.io/goals
[6] https://eu-os.gitlab.io/use-cases
[7] https://eu-os.gitlab.io/spec
[8] https://www.theregister.com/2004/06/17/munich_embraces_penguin/
[9] https://www.theregister.com/2017/02/13/munich_may_dump_linux_for_windows/
[10] https://www.theregister.com/2018/01/04/munich_linux_costs_ownership/
[11] https://www.theregister.com/2024/04/04/germanys_northernmost_state_ditches_windows/
[12] https://www.theregister.com/2022/07/09/russian_debianderivative_vendor_plans_ipo/
[13] https://www.theregister.com/2025/02/10/centos_firefox/
[14] https://www.theregister.com/2024/11/29/kde_and_gnome_distros/
[15] https://www.theregister.com/2024/11/14/fedora_41_a_vast_assortment/
[16] https://www.theregister.com/2024/11/06/ubuntu_core_desktop_waiting/
[17] https://kalpadesktop.org/
[19] https://gitlab.com/eu-os/eu-os.gitlab.io
[20] https://www.chromium.org/chromium-os/chromiumos-design-docs/login/
[21] https://whitepapers.theregister.com/
TBH I wasn't aware that Devuan is especially European.
On the list here -- https://www.devuan.org/os/team
I see...
» Franco "Nextime" Lanza (VUA) :: GPG key 0xDFEDF580D6132D50
https://www.nexlab.net/aboutme/
Italian?
» Denis "Jaromil" Roio (VUA) :: GPG key 0x73B35DA54ACB7D10
https://jaromil.dyne.org/
Italian?
» Daniel "Centurion" Reurich :: GPG key 0x27B9FAA4EBAA93A1
https://www.linkedin.com/in/centuriondan/
New Zealander?
Any more local info?
I am not disagreeing here, just saying I wasn't aware of any significant geographical base... but I have not looked.
Debian itself was started in the US although it is very international now.
From their page footer: "Devuan is a registered trademark of the Dyne.org foundation" and Dyne are based in Amsterdam.
Perfect for running the Laundry
> We feel that the FOSS world needs to build its own equivalent of ChromeOS – a simple, stripped-down stateless client desktop, with at least dual failover local partitions, which can talk over open protocols to sovereign cloud servers that organizations can host themselves.
Agreed. And not being a software type, something that was interesting to read about in Charles Stross's Laundry Files where that concept was described as the Laundry's desktop environment of choice. Seemed like a really good idea. So is having a EUroOS, which as well as potential for better security, could save a large fortune in licence & admin costs. I agree with the comment that it would seem sensible to base it on a European distro though.
Re: Perfect for running the Laundry
The problem with stateless clients hosted on a cloud server is that it only takes one security incident to compromise the whole setup...
Re: Perfect for running the Laundry
Hold up.
There are 2 points here, and in one of them, you are conflating 2 different things.
Second first -- here:
> stateless clients
That's one thing.
> hosted on a cloud server
I did not say hosted on anything anywhere.
A "stateless client" means local software installed on a local machine's local storage... these days, on an SSD.
That machine is smart enough to get online, offer you enough UI to connect to a phone or a hotspot, enter Wifi credentials, handle portal screens, etc.
Then when you're online you can get at the organisation's data over encrypted connections, possibly unlocked with further authentication once you're in, biometrics, USB tokens, whatever.
The _software_ is local. The _data_ -- the files or whatever -- are not.
Secondly:
> one security incident to compromise the whole setup...
That is equally true of any credentials leak or whatever. One lost Windows laptop with a corporate Exchange account on it, say.
About that secure client (using a Linux OS)......
Quote: "...when you're online you can get at the organisation's data over encrypted connections...."
Sure....the client might be bulletproof....................
.......but, as we have seen over and over again centralised data is quite another kettle of fish!!!!
Maybe this whole article misses the point! Namely that there is a MUCH BIGGER PICTURE HERE than just "immutable Fedora" on the client!!!!
Misdirection in ElReg? Surely not!!
Re: About that secure client (using a Linux OS)......
> Maybe this whole article misses the point! Namely that there is a MUCH BIGGER PICTURE HERE than just "immutable Fedora" on the client!!!!
> Misdirection in ElReg? Surely not!!
I don't think it does, but OS choice is just one part of the Swiss cheese model. Charles Stross's description of the Laundry's config got me looking (and asking) a bit deeper. Having an instanced session just seems like a really GoodThing(tm) because it limits what can be lost/compromised if data isn't on the device when the session ends. Can't remember which book it was in, but it was written years ago and commercial implementations for this (non)trust model exist.
Sure, it's not perfect, assuming the EU decides to plonk all the data in AWS or MS's cloud, but if there's control over the OS and basic app suite, then it gets a whole lot easier to expand the service to a EUroCloud under European control. Then with the anticipated scale and potential for cost savings, seems like a project worth pursuing. Downside is maybe also needing a European supply chain that can make the servers. One of the biggest bits of smoke & mirrors around the 'cloud' is behind the hype, the 'cloud' is still a bunch of HPE or other servers, just hiding somewhere else and behind an innovative charging model.
Re: Perfect for running the Laundry
Well said. The best and most secure OS, driven by an idiot, is still insecure.
European staff I have met are well ahead of their American counterparts. There are many useful tools that do not have an equivalent on Linux thanks to roadblocks and patents held by business monopolies.
Re: Perfect for running the Laundry
so fork 9 front and finish webfs you'll get a lot more than stateless clients but you can have those too
Re: Perfect for running the Laundry
My problem with the idea is that all-remote data often makes the data fragile. For example, let's say I need a bunch of credentials to access things because my employer hasn't got a full SSO setup. They want me to use random passwords and a password manager. Where are my passwords? Options:
1. On my computer: then it's not stateless, because at least some information is stored there.
2. On their servers, and I have to authenticate to get to it, which makes it easier to attack because the attacker does not need access to my computer.
There's a reason why many businesses prefer number 1. Having a dumbish terminal also leaves you with a dependency on the network. You might be in the admittedly large camp that always has network access or can't do much work without it anyway, though not everyone is, but one major problem even in that situation is that some things are sensitive to latency. There are tasks that aren't well handled by such a device.
RedHat is part of IBM
Nowadays, Fedora is part of IBM. As such a natural choice as no one got fired for choosing IBM (or so I was told). On the other hand, IBM is not the most stable company anymore and their commitment to RedHat is not unquestionable.
I think the choice was also guided by the fact that RedHat itself have a good track record.
I do understand the importance for a remote desktop like client server setup, like ChromeOS. Managing a few tens of thousand desktop PCs and laptops in any other way is "impractical".
Personally, I loathe Fedora. I have bricked half a dozen installations of Fedora during updates. Never understood what happened. I didn't fare much better with SuSE, though. Stuck with Debian/Ubuntu distros to my satisfaction.
Re: RedHat is part of IBM
Yeah, this idea of an EU OS is interesting wrt EU's computational Sovereignty, without foreign kill switches for example. Riemann may have chosen a Red Hat distro based partially on considerations of compatibility with [1]CERN, but really after the 'recent' [2]RHEL drama, wouldn't another distro be preferable, like one that has worked on providing a still-open-source [3]alternative build, and also an [4]immutable version. Plus, EU OS should probably be enterprise-oriented rather than workstation-bells-and-whistles based ... so some sort of SUSE Linux Enterprise (SLE) might be the ticket.
If I understand correctly that would be a Finnish OS kernel, packaged in a German (formerly?) distro, owned by a Swedish investment firm (EQT Partners), with a German desktop (according to Dr. Syntax). Maybe the French would object? (... should Atos be involved?)
[1] https://linux.web.cern.ch/
[2] https://www.theregister.com/2023/07/20/kettle_linux_rhel/
[3] https://www.theregister.com/2023/07/12/suse_announces_rhel_fork/
[4] https://www.theregister.com/2024/01/17/opensuse_confirms_leap_16/
Re: RedHat is part of IBM
"a German desktop (according to Dr. Syntax)"
Not just according to me: "KDE is legally represented by KDE e.V. based in Germany, which also owns the KDE trademarks and funds the project." according to https://en.wikipedia.org/wiki/KDE which will also tell you it was founded by Matthias Ettrich when he was a student at Tübingen. For added Europeanness it uses the Qt framework from what was originally Trolltech which takes us back to Finland.
For a server they could also use Nextcloud from Nextcloud GmbH, i.e. based in Germany as is the Document Foundation, responsible for LibreOffice. I believe Collabora in Cambridge are major contributors to both of these but, of course FOSS development knows no boundaries.
Why even have a local disk?
PXE booting would remove the local SSD as a single point of failure, and disposing of old machines would be simpler if they didn't have to have their internal SSD removed lest an attacker use advanced data recovery techniques to retrieve saved data.
Re: Why even have a local disk?
Sun X terminals, no local storage, runs over the network. What goes around comes around.
Re: Why even have a local disk?
> Sun X terminals, no local storage, runs over the network. What goes around comes around.
In the beginning, there was the mainframe, and sometimes RACF. Then the hype around peer-peer and dumb terminals became a lot more expensive and insecure. Then came 'thin clients'. Then 'cloud'. And lo, it seems we're slowly going back to the days of big iron, a more secure environment and lower cost terminals to access it all.
(It still boggles me that IBM fell so far behind in the 'cloud' wars when they'd been doing cloud computing for decades.)
Shirley...
A 'locked down' system would not use the cloud and would not connect to the public internet.
In so far as any FOSS product with a wide community of contributors can be said to have a nationality, surely KDE is German. And if we're looking for an underlying distro with an EU connection, why not Devuan?