37
submitted 2 months ago by mesamunefire@lemmy.world to c/linux@lemmy.world
you are viewing a single comment's thread
view the rest of the comments
[-] SatyrSack@lemmy.one 4 points 2 months ago

So, here we'll talk about the following ways to flash ISOs:

Probably fine if you just want to install a single OS once and be done with things. But if you plan on dedicating a flash drive to be your Linux install media for the foreseeable future, just use Ventoy: https://www.ventoy.net/en/index.html

[-] drspod@lemmy.ml 25 points 2 months ago

Ventoy has a lot of work to do if they want to earn our trust:

Remove BLOBs from the source tree #2795

This ticket has been open now for 5 months with no engagement from the maintainer.

Your install media and anything that modifies your EFI partition or UEFI firmware settings needs to be the most trusted part of your system. And here is Ventoy, a tool that looks open source and then includes a large number of binary blobs in its repository, with no indication of how they were compiled. This is horrible security practice and for me that's enough for me to never use it.

You can also see a discussion on the subject on HN here: https://news.ycombinator.com/item?id=40689629

A much better alternative, if you want a multi-boot USB, is GLIM: https://github.com/thias/glim

It's just a collection of Grub configs, so very simple and easy to audit.

[-] bargo@mastodon.tn -3 points 2 months ago* (last edited 2 months ago)

@drspod @SatyrSack Ventoy has bad parts yes but many things either are only supported by it or rely too much in it, for example, as a sysadmin I need to have at all time a winlol ISO (even though I hate myself every time I use it) and also as an IT I need to have a MediCat USB at all time, both cannot be done with Glim, so until a better solution sees the light of day, Ventoy should remain my main tool

[-] drspod@lemmy.ml 6 points 2 months ago

So your approach to security is that you cross your fingers and hope?

load more comments (2 replies)
load more comments (2 replies)
this post was submitted on 17 Sep 2024
37 points (95.1% liked)

Linux

8210 readers
36 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS