Microsoft repo installed on all Raspberry Pi’s (opens in new tab)

This feels like a huge overreaction.

"(...) every time an install of Raspberry Pi OS is updated it will ping a Microsoft server. Microsoft will know you're using Raspberry Pi OS/likely Raspberry Pi owner and your IP address."

How is this is an issue? It doesn't require any login and this is exactly what happens with every APT mirror.

I imagine that Raspberry Pi OS is an distro meant for people who simply want things to work out of the box, I can see why the Raspberry foundation would want to add repos for easy installation of the VSCode.

If you want tight control of what happens in your system, you are free to install any other distro you want.

The most disappointing aspect about this really is how the Raspberry Pi team and mods can't even remotely admit or acknowledge why some people are very unhappy about something like this.

What's wrong with communicating this change or making it opt-in?

Randomly pushing repos and adding trusted keys without any notice or consent is never a cool move.

I'm not surprised by this:

- The RPi Foundation exists to educate children. There is no mention of "open" on their About page and there are the long running discussions about how open their hardware is and the reliance on proprietary blobs for the GPU [0]

- The 'maker' community interest was originally a surprise to them [1] which still staggers me given that Arduino had long been a thing

- MS has a history of capturing the budgets of educators and attention of young minds. The education computer market in the UK used to be dominated by Acorn and Apple until MS decided they wanted a piece of the pie and decided that computer education in schools should be about learning to use Office [2]

[0] https://www.raspberrypi.org/about/

[1] https://www.jbs.cam.ac.uk/insight/2012/raspberry-pi-2/

[2] https://www.cbronline.com/news/acorn_backs_away_from_uk_educ...

Raspberry Pi OS comes with a ton of stuff, among others, Minecraft or the "Pi Store". It is not a minimal building block for your custom hacked Linux firmware, it's what they provide so teachers can install the stuff and have kids use it without going to a console and editing sources.list first.

At the risk of getting bashed, isn't 'pinging a Microsoft server' what happens every time I clone, push, or pull from GitHub? There might be be bigger issues to deal with than apt repositories if you don't want to ping a Microsoft server.

All Raspberry Pi's, or just those using Raspberry Pi OS? There are other OS choices for your Pi, and I would be surprised if the Microsoft repo made it into all of them.

If I was going to use a Raspberry Pi for commercial use I would want full control over the OS and use Open Embedded etc, just like I have done for NXP etc. That way I have full control over my system. I think the alternative of using Raspberry PI OS and the dependency on updates on Raspberry Pi and their suppliers is too risky. So this is a non-issue for me.

To put this into perspective, I'd like to kbow how many repos and gpg keys are there already. If microsoft was added to dozens others, then this is a storm in a teacup. If it when from 2 to 3, then the change is more significant.

Lets keep in mind that the central goal of PI OS is education, not security, privacy, sticking it to corporates, IoT, etc.

Redmond got finally a root shell on your Pi :-)

previously: https://news.ycombinator.com/item?id=26024381

Trust is hard to gain but easy to lose, and developers have a very long memory.

After almost a decade of gaining trust, Raspbian has now lost a huge amount in a single bad decision. It's yet even clear they even understand the depth of the mistake.

For future Raspberry Pi deployments, I will be sticking with non-Raspbian distributions, like vanilla Debian.