Ventoy source code contains some unknown BLOBs, still no word on the issue from the dev after months : opensource

[-] MigratingtoLemmy@lemmy.world 12 points 1 month ago* (last edited 1 month ago)

Need to compare hashes between a stock ISO and one ~~flashed~~ booted by Ventoy (dd the latter to a file and check)

[-] pokexpert30@lemmy.pussthecat.org 4 points 1 month ago

Wat? Ventoy doesn't flash isos, it boots from them

load more comments (1 replies)

[-] jsomae@lemmy.ml 11 points 1 month ago

What does BLOB stand for?

[-] boboblaw@hexbear.net 5 points 1 month ago

Binary Large OBject

load more comments (3 replies)

[-] ulterno@lemmy.kde.social 9 points 1 month ago

I like multiboot. Used it back when I used Windows.
The Ventoy advertisements on Reddit looked too suspicious, so I never checked it out.

[-] sorter_plainview@lemmy.today 9 points 1 month ago* (last edited 1 month ago)

This is a bit absurd. I really don't think this is as serious as some comments say. Also there is a comment from AUR package manager which explains more details. . And even the blobs in the first post there are source and build instructions in their respective folder.

[-] thingsiplay@beehaw.org 11 points 1 month ago

That linked reply doesn't explain anything. It just says "bro trust him". Just because you and the AUR maintainer says its trustful, does not make it clear whats behind the binary blobs. It doesn't matter what anyone says, if we can't verify. In my opinion, its absurd calling others absurd for not trusting the word of others.

load more comments (3 replies)

[-] TinyShonk@lemmy.world 8 points 1 month ago

Is BLOB an acronym?

load more comments (2 replies)

[-] pokexpert30@lemmy.pussthecat.org 8 points 1 month ago

I just wish it had a real alternative. GRUB on USB doesnt support as much distros or windows.

[-] MonkCanatella@sh.itjust.works 7 points 1 month ago

I've had too many issues with Ventoy that I'd rather just use fedora media writer or balenaetcher for when that doesn't work. I mean honestly it's a bit gimmicky, even if it's a cool concept. I believe Glim and some other options exist too

load more comments (1 replies)

[-] Rentlar@lemmy.ca 7 points 1 month ago

It's a useful tool, but there is a security concern for anything not fully open source. You will have to weigh your risk factors, I doubt that it's any problem for most consumers or distro hoppers.

Best to keep an eye in case any new contributers arrive suddenly...

[+] unionagainstdhmo@aussie.zone 3 points 1 month ago* (last edited 1 week ago)

[deleted]

[-] bleistift2@sopuli.xyz 10 points 1 month ago

I cannot fathom what in this issue description gives rise to your concern. It’s worded very calmly, clearly explaining why the author thinks these BLOBs shouldn’t be there, expressing an understanding that it’s not a top priority and even closing with a thank you.

load more comments (5 replies)

[-] lorty@lemmy.ml 3 points 1 month ago

I mean the author has simply ignored this issue. If you look into it there are a few that people simply do not know how to generate, so without the maintainer it's impossible to make a PR solving this.

load more comments (1 replies)

[-] interdimensionalmeme@lemmy.ml 3 points 1 month ago

Actually you can and should Gordon Ramsey all over it. It is the duty of audience members to express how they feel honestly about the artwork.

Open Source can and do understand that and open source software becomes better for it.

load more comments (2 replies)

Open Source

Useful Links

Rules

Related Communities