←back to thread

Ventoy: Create bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI Files

(github.com)
284 points wilsonfiifi | 4 comments | 30 Oct 25 14:23 UTC | HN request time: 0.834s | source
Show context
mkesper ◴[30 Oct 25 15:04 UTC] No.45760844[source]
The lot of (partially scary) binary blobs is still an unsolved issue: https://github.com/ventoy/Ventoy/issues/3224
replies(5): >>45760882 #>>45760933 #>>45761425 #>>45761632 #>>45761980 #
i4qpLmoptUph3fZ[dead post] ◴[30 Oct 25 15:52 UTC] No.45761425[source]
[flagged]
junon ◴[30 Oct 25 16:02 UTC] No.45761520[source]
The rationale for needing a random driver makes some sense. The statement that they found a random build that was signed by some randy is a horrifying prospect.
replies(1): >>45762457 #
1. fukka42 ◴[30 Oct 25 17:17 UTC] No.45762457[source]
Someone compared hashes of the sectors of both drivers and they are identical except for the signature.

You don't know what due diligence was done.

replies(1): >>45762732 #
2. junon ◴[30 Oct 25 17:36 UTC] No.45762732[source]
I don't, no, but why should I trust the maintainer, and why should the maintainer trust Randy from some random site?
replies(2): >>45763211 #>>45763326 #
3. fukka42 ◴[30 Oct 25 18:15 UTC] No.45763211[source]
Because you intend to run their software? And don't try to tell me you've never ran any proprietary software.
4. i4qpLmoptUph3fZ ◴[30 Oct 25 18:23 UTC] No.45763326[source]
To sibling comment: I don't understand your line of reasoning. How does using someone's software make you trust them? Don't you need trust to run someone's software first?