We are looking at upgrading our network equipment from old HP switches and Aruba access points, we have a Fortinet firewall that we are happy with, so we’ll probably keep using them there, but for the rest we are looking for new stuff.
And we are looking closely at Ubiquiti for switches and APs, but two things have appeared on our radar.
Ubiquiti does have a cloud admin UI, this means that Ubiquiti needs to have access to our network controller to access this feature.
But what if we don’t use that, will Ubiquiti still be able to access the network controller?
I guess that what I am asking is how does the access control work?
Also, updates, I see that they seem to be very frequent and also see some scattered reports that they have required admins to reset their configs and loosing camera footage, can you set updates to be delayed for X days?
If you don’t flash custom firmware images on them that you built yourself from source code; then you have a massive backdoor that you can’t turn off. (Same goes for all other networking vendors, especially Cisco)
Just note, this is the extreme interpretation of software in general (“if you don’t compile the compiler by hand it could insert a back door!”)
For the purpose of your question, as others have stated you can run things isolated on your network with local accounts and not use their remote services (incidentally that’s how I run it)
No, proprietary software by default is malware. Either currently active malware or will likely to turn into malware whenever they get the urge to increase their stock price by bricking your shit, extracting data from you or any other thing that they might choose to do to bump those numbers up.
That is a very idealistic way of looking at the issue, and I am very impressed if you have the skill and time to maintain your computer systems completely free from proprietary software.
However, we do neither have the skill not the resources to follow that path, so while I agree with you on principle, reality does make those principles impossible for us to work under.
My husband buys hardware which has excellent Linux support and by investing in quality products, he maintains a source code only home environment that I quite enjoy.
I am sorry but this is an argument on par with a 5 year old saying “my dad can beat up your dad!”
I am glad that you have an environment that works for you, but unless you yourself maintain it to the standard you set earlier, I find it difficult to take you seriously.
More like, I don’t discount the contributions of others who helped me. Having to expect everyone to be everything and do everything is such macho bullshit. When everyone works together and puts in the little help that they can, things you consider hard/impossible can be achieved in a rather short time frame.
Didn’t you say that everyone should only run software that they have access to the source?
This is litterarly what you sat on your high horse and yelled out that people should do, yet you decide that you don’t.
Not really consistent.
I in no way implied that I did not have access to the source code.
The source code is readily available with reproducible builds such that anyone can verify that the source code corresponds to the binary running with just a couple of key presses.
All of it has a bootstrap chain from stage0. So no binaries or generated files anywhere in the build chain.
The horse is not high when anyone who wants to get on can and the FSF community is willing to help lift people up rather than try to tear them down.
I am curious how far you take that. Do you compile your own compiler? Do you have an open BIOS that you can truly audit. Do you know about every piece of firmware on your system and have you been able to audit that code too? Hell, let’s take it to its logical conclusion, how do you know nothing is actually embedded in the silicon? All of that could be malware and do every single thing you mentioned. At some point you either have to trust something (but who do you trust) or build it all yourself from scratch.
Well my husband bought me a T500 which has libreboot installed along with Debian. He deals with that sort of stuff