{"id":2389,"date":"2025-10-30T16:30:11","date_gmt":"2025-10-30T15:30:11","guid":{"rendered":"https:\/\/www.infos-globales.fr\/?p=2389"},"modified":"2025-10-30T17:03:15","modified_gmt":"2025-10-30T16:03:15","slug":"digital-sovereignty-myths-and-realities","status":"publish","type":"post","link":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/","title":{"rendered":"Digital sovereignty: myths and realities"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\"><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-palette-color-2-color\">Introduction<\/mark><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-e4419290774c245d97186ae0d763d43b\">Free and Open-Source Software and the Linux ecosystem hold real promise in terms of openness and innovation, but they also pose concrete challenges to digital sovereignty when they rely heavily on dependency chains and repositories maintained by third parties. These dependencies expose organizations to supply chain risks, loss of legal control, and obsolescence.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-d4f5a72db2569e3c66443a67e53effd4\">Conversely, proprietary on-premise solutions, particularly Microsoft Windows Server environments and Windows workstations, often offer more immediate operational, hardware, and legal control for businesses and individuals.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-80e6b38f28a6e6c14f95246d04164779\">Strategic innovation is not just about software and open source; the Windows gaming market has funded hardware breakthroughs \u2014 notably the rise of GPUs \u2014 which are now benefiting research, weather forecasting and AI.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-43af17dd85a741096ac73af63d3b11c5\">A pragmatic approach must distinguish between local (on-premise) and remote (cloud) solutions and assess effective governance, not just the \u00ab\u00a0open source\u00a0\u00bb or \u00ab\u00a0proprietary\u00a0\u00bb label.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">1. The Dependency Hell in the FOSS ecosystem<\/h4>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-4ea1b460 wp-block-columns-is-layout-flex\" style=\"border-style:none;border-width:0px;padding-top:0;padding-right:0;padding-bottom:0;padding-left:0\">\n<div class=\"wp-block-column is-content-justification-center is-layout-constrained wp-block-column-is-layout-constrained\" style=\"flex-basis:30%\">\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;69fe1556f0a04&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"69fe1556f0a04\" class=\"wp-block-image size-full is-resized wp-lightbox-container\" id=\"xkdc\"><img loading=\"lazy\" decoding=\"async\" width=\"770\" height=\"978\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/dependency_2x.png\" alt=\"\" class=\"wp-image-1901\" style=\"width:205px;height:auto\" srcset=\"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/dependency_2x.png 770w, https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/dependency_2x-236x300.png 236w, https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/dependency_2x-768x975.png 768w\" sizes=\"auto, (max-width: 770px) 100vw, 770px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Agrandir\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><figcaption class=\"wp-element-caption\"><strong><mark style=\"background-color:rgba(0, 0, 0, 0);color:#0693e3\" class=\"has-inline-color\"><a href=\"https:\/\/xkcd.com\/2347\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Picture by xkcd<\/a><\/mark><\/strong><\/figcaption><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:60%\">\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-2ff657aa0d74f224a9191e4f301ebfc5\">Modern FOSS projects rely heavily on hundreds or even thousands of packages distributed via package managers and online repositories (npm, PyPI, crates.io, etc.).<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-1924ecceec681b7c64b7af5ce6cd26fa\">They are often maintained by volunteer contributors and hosted on servers whose location and legal status are unknown.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-e19356c9af409b3216fc9f7356e626cf\">Many are hosted by individual accounts, without any legal guarantees or verified identity, sometimes without multi-factor authentication.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n\n\n<figure class=\"wp-block-pullquote is-style-default has-black-color has-palette-color-5-background-color has-text-color has-background has-link-color wp-elements-14498f6b91330038a2f75f63ba67a93e\" style=\"padding-top:var(--wp--preset--spacing--20);padding-right:var(--wp--preset--spacing--30);padding-bottom:var(--wp--preset--spacing--20);padding-left:var(--wp--preset--spacing--30);font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.156), 16px);line-height:1.8\"><blockquote><p><em>\u00ab\u00a0Many of the Top 500 packages on our lists are hosted under individual developer accounts. The consequences of such heavy reliance upon individual developer accounts must not be discounted. For legal, bureaucratic, and security reasons, individual developer accounts have fewer protections associated with them than organizational accounts in a majority of cases. While these individual accounts can employ measures like multi-factor authentication (MFA), they may not always do so, leaving individual computing environments more vulnerable to attack. These accounts also do not have the same granularity of permissioning and other publishing controls that organizational accounts do. This means that changes to code under the control of these individual developer accounts are significantly easier to make.\u00a0\u00bb<\/em>  <\/p><cite><strong><mark style=\"background-color:rgba(0, 0, 0, 0);color:#0693e3\" class=\"has-inline-color\"><a href=\"https:\/\/www.linuxfoundation.org\/hubfs\/LF%20Research\/lfr_censusiii_120424a.pdf?hsLang=en\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The Linux Fondation &#8211; Census III of Free and Open Source Software &#8211; December 2024<\/a><\/mark><\/strong><\/cite><\/blockquote><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-253efdaa95bcd5bfa29f8c86c561c2ce\"><a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/npm-supply-chain-attack.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Recent incidents on the npm ecosystem<\/a> demonstrate the scale of the problem: massively downloaded packages have been compromised and used to spread malware, illustrating the reach of an attack on public repositories and the ability to affect millions of applications upstream and downstream.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-a928d62600cff9d0485c574f79794d70\">This operational and legal fragility makes digital sovereignty a delicate matter: the disappearance of a repository, the abandonment of a maintainer, or the malicious modification of a package can force unforeseen migrations or break production chains.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-b20fa17221e37fd7ffce14f6cee88369\">The availability and location of the servers hosting the repositories, as well as the governance model, are therefore highly variable, which complicates any guarantee of continuity or application of sovereignty rules (jurisdiction, storage of metadata, access to logs).<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-8030b1a2f6249497a382269071ccdbd6\">Recommendations stemming from sector analyses highlight the need for organization-wide governance and inventory of open-source software to manage these risks. Recent studies and summaries show that the FOSS ecosystem is ubiquitous in production environments, but that its maintenance model raises security, maintenance, and scalability issues.<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"has-black-color has-palette-color-1-background-color has-text-color has-background has-link-color wp-elements-5fc426431b2f8c9ffbe804e615a7117f\" id=\"xz1\" style=\"font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.156), 16px);\">The most emblematic example of the difficulties and risks associated with current FOSS practices is the incredible story of <a href=\"https:\/\/next-ink.translate.goog\/133067\/xz-utils-comme-une-porte-derobee-dans-un-composant-de-linux-a-fait-craindre-le-pire\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">the XZ Utils module compromise<\/a> discovered in March 2024.<br><br>A project, initially personal and a hobby, had over the years become an essential component of certain Linux distributions deployed at the heart of global data centers. The project was maintained on an individual account by a single, isolated person who, suffering from burnout, eventually handed it over to another contributor whose true identity remains completely unknown to this day. This individual injected malicious code into the project, quickly contaminating thousands of servers worldwide via the supply chain. Despite the open-source nature of the code and the supposed abundance of community code reviews, a critical component, widely used by many other developers and deployed at scale, was entrusted in a completely informal manner to an unknown and, moreover, malicious third party. It&rsquo;s a situation straight out of <a href=\"https:\/\/xkcd.com\/2347\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">the xkcd comic<\/a>.<\/p>\n<\/blockquote>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-a4aca4bb8753c443c292fa68cbe8d59c\"><strong>Sources :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-c58fe19fa376be0e66c8c6aaca119065\"><a href=\"https:\/\/www.linuxfoundation.org\/hubfs\/LF%20Research\/lfr_censusiii_120424a.pdf?hsLang=en\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.linuxfoundation.org\/hubfs\/LF%20Research\/lfr_censusiii_120424a.pdf?hsLang=en<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-26a410fbcd1fc2e5b7c67fedd63c7fdd\"><a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/npm-supply-chain-attack.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/npm-supply-chain-attack.html<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-9b872d9f892eee8a27ce346c5d1413df\"><a href=\"https:\/\/next-ink.translate.goog\/133067\/xz-utils-comme-une-porte-derobee-dans-un-composant-de-linux-a-fait-craindre-le-pire\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">XZ Utils: How a backdoor in a Linux component caused fears of the worst<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">2. Technical dificulties of development under Linux<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-a50a77442dcb909b35efd57c72cbcc93\"><strong>Fragmentation of distributions and versions :<\/strong> providing stable binaries for Debian, Ubuntu, Fedora, Red Hat, Arch, and their numerous versions requires specific packaging, testing, and maintainers for each target, complicating the delivery process. <a href=\"https:\/\/www.reddit.com\/r\/linux_gaming\/comments\/wq9dx5\/valve_employee_glibc_not_prioritizing\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">ABI breaks due to glibc updates are frequent<\/a>, which complicates the task of developers and harms the long-term sustainability of packages.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-3a02d00117607735edb6111077d076e8\"><strong>Fragmentation of graphical environments and toolkits :<\/strong> QT vs. GTK, X11 vs. Wayland, GNOME vs. KDE\u2014makes the user experience, behavior, and dependencies highly variable, pushing many projects towards standardized but remote web interfaces, or resulting in projects that lack a graphical interface and run only from the command line.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-18fa996925c54b1641088fb487b6947f\"><strong>Prevalence of uncompiled tools :<\/strong> scripts, applications distributed in source code form, or those dependent on a package ecosystem (pip, npm, gems) require rebuilding or installing toolchains on the fly.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-a33c19e849cfe02ae170d9dae10e97cf\"><strong>Web\/cloud development trend :<\/strong> the focus on web applications and browser-accessible frontends reduces the effort required to optimize compiled local executions, which are often more energy-efficient. Increasing prominence of JavaScript and Google APIs in open-source applications.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-b6b9d9947cd11415d23c0a1b90123859\"><strong>Dependence on volunteer maintainers :<\/strong> many critical packages are maintained by one or two people, creating a single point of failure if they abandon the project. These characteristics make development and operation under Linux more demanding in terms of dependency management, packaging, and governance.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-fd479181c11ad8964d6dd792f42dc016\"><strong><a href=\"https:\/\/www.youtube.com\/watch?v=Pzl1B7nB9Kc\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Linus Torvalds himself complains about this situation!<\/a><\/strong><\/li>\n<\/ul>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-c703e8dbf973d419edee5d3b523f71a0\" id=\"2sources\"><strong>Sources :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-01161d26d6decb2027d8a7628090c783\"><a href=\"https:\/\/www.reddit.com\/r\/linux_gaming\/comments\/wq9dx5\/valve_employee_glibc_not_prioritizing\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Valve Employee: glibc not prioritizing compatibility damages Linux Desktop : r\/linux_gaming<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-29d64e416045f2d02d7b7d865ccc3d0b\"><a href=\"https:\/\/blog.hiler.eu\/win32-the-only-stable-abi\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Win32 Is The Only Stable ABI on Linux<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-19861e88913755a6a737c929dd33f7ff\"><a href=\"https:\/\/www.socallinuxexpo.org\/scale\/19x\/presentations\/not-breaking-userspace-evolving-linux-abi\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Not breaking userspace: the evolving Linux ABI | 19x<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-f375b2e5f73117ebe5e1f209e3d41021\"><a href=\"https:\/\/news.ycombinator.com\/item?id=27055120\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">glibc breaks ABI quite often. Linus has roasted about it openly in the past http&#8230; | Hacker News<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-c3a4bb150c623563ce3bcdc27fb5a09e\"><a href=\"https:\/\/www.youtube.com\/watch?v=Pzl1B7nB9Kc\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Linus Torvalds on why desktop Linux sucks (Youtube video)<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-f159be3d4f12acd925e154b56f921eac\">3. Consequences for security and digital sovereignty<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-2fea24c48a11ed8e4edc3705938ec4f3\"><strong>Loss of legal and operational control :<\/strong> relying on foreign storage facilities means being subject to local laws, export policies, and access disruptions beyond the control of the sovereign entity (state, company).<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-5b45773ab95dced831bcaf9ddc979e59\"><strong>Supply chain attack risk : <\/strong>the compromise of a maintainer&rsquo;s account, the injection of malicious code into a critical dependency, or the deletion of a package can trigger cascading effects that impact the availability and security of systems.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-5ec8bee62f4f569bbac8fa371385eaf3\"><strong>Dependence on the network and energy waste :<\/strong> the model of frequent updates and builds increases exchanges with remote data centers, increasing traffic and energy consumption compared to stable, locally compiled binaries.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-dbada65e0255d0b1b6e47c0aa48d1afe\"><strong>Risk of erosion of autonomy during migrations :<\/strong> due to a lack of complete native applications, there is often a shift towards cloud (remote) services, which reduce sovereignty instead of increasing it.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-default\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-51075e2435235e24626071c7ecaaeb22\">4. Practical comparison: on-premises Windows vs. free Linux ecosystem<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-db2d1cb1b4c998dd01f83059ccffed6e\"><strong>On-premise control :<\/strong> Microsoft Windows Server environments (AD, DHCP, DNS, Exchange, <a href=\"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/09\/13\/how-to-install-wordpress-6-8-on-microsoft-iis-10-in-4-steps\/\" target=\"_blank\" rel=\"noreferrer noopener\">IIS<\/a>) allow for the complete management of a corporate network and data locally, without necessarily relying on the cloud, offering clear control over the location of services and backups. Windows provides consolidated graphical interfaces and centralized administration tools that are highly valued in enterprise environments. The lack of native solutions under Linux can push organizations towards cloud solutions, which is contrary to the objective of digital sovereignty.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-5c891db6ccbd701ba0885d025695fab8\"><strong>Centralized administration :<\/strong> The native integration of group management, the ACL model, and nested groups simplifies large-scale administration compared to Linux solutions (SSSD, winbind), which are often more fragmented and limited. Linux, for example, does not support nested groups, making centralized management complex and cumbersome.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-018dea242c4df1b89949f0d4402e5143\"><strong>Industry standards :<\/strong> Contrary to the common misconception of a \u00ab\u00a0black box,\u00a0\u00bb Windows adheres to most industry standards (LDAP, Kerberos, SMB, TLS, etc.) and offers broad hardware and software compatibility, facilitating heterogeneous integration in mixed environments. This fosters a rich and diverse software\/hardware ecosystem for all digital uses, both for individuals and businesses.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-8fc650675a2233aa0714c29d822f253f\"><strong>Powerful, stable, and open development environment :<\/strong> The Visual Studio suite allows for the development of stable, native graphical applications, offers a choice of numerous languages, and also enables the compilation of applications for Android (with .NET MAUI). There is no mandatory app store or commission to pay on Windows, unlike the Apple and Android environments, which do not offer the same level of freedom in development and distribution of applications. The ability to freely and easily develop and distribute software is a cornerstone of digital sovereignty.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-2b5d202105b8b6cc8e625fa2e809edc2\"><strong>Package longevity :<\/strong> On Windows, runtime libraries (CRT, UCRT, Visual C++ libraries) are designed to be redistributed with the application or installed as side-by-side components, reducing dependence on a single \u00ab\u00a0system\u00a0\u00bb libc and unforeseen updates. Linux solutions, on the other hand, may require recompilation or adjustments with each major change in dependencies. Compiled and packaged Windows applications often have a long operational lifespan and remain functional years after compilation, without relying on volatile repositories and maintainers. This is an asset for security and digital sovereignty, as it simplifies software inventories and audits.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-b9a825d74266a01e7c82c4a244938391\"><strong>User experience :<\/strong> On Windows, the desktop experience, file managers, and graphical interfaces (easy file management, software installation) make it easy for the average user to control their data without resorting to remote services. Average users often prefer the simplicity of a file explorer and straightforward installers over command-line interfaces that require searching the internet even for basic tasks. The Linux file system and its directory structure are difficult for the average user to understand, diminishing their digital autonomy.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\">\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-04821bc8e4e7a86f42e26a0e889b364f\">5. Hardware innovation and the role of Windows in the ecosystem<\/h4>\n<\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-be41b1a6d8654add4590957eeedaa128\">Contrary to some misconceptions, digital innovation is not solely about software and open source code. It depends just as much on hardware as it does on software. The evolution of components (CPU, GPU, RAM, storage, cooling) has allowed software to handle increasing volumes of data and parameters.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-bfa12153017fff7f0190dc186dcf29d8\">Windows is the dominant platform (<a href=\"https:\/\/store.steampowered.com\/hwsurvey\/Steam-Hardware-Software-Survey-Welcome-to-Steam\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">95.4% market share on Steam in September 2025, compared to 2.68% for Linux and 1.92% for macOS<\/a>), uniting the industry and facilitating economies of scale and rapid adoption. Video games have been a driving force, and the competition for gaming performance has led to massive gains in CPU\/GPU capabilities, which are then leveraged for scientific computing and AI. <a href=\"https:\/\/www.renaultgroup.com\/en\/magazine\/our-group-news\/3d-sketching-a-digital-touch-to-every-drawing\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Virtual reality (VR), which is demanding on GPUs (stereoscopic 3D rendering), is used in engineering<\/a> and gaming, with a rich PC ecosystem (Windows-compatible headsets, Steam game catalog).<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-145ea89c1fd88716e6e3422406d9606e\">The Windows ecosystem, through its balance between proprietary technology and compatibility, has united manufacturers, developers, and users, stimulating hardware R&amp;D and widespread adoption. The consumer video game market has pushed the limits of hardware performance, and these advancements have subsequently benefited <a href=\"https:\/\/www.jonpeddie.com\/news\/super-duper-computer-amd-does-it-again\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">servers, supercomputers, simulations, virtual reality, and AI<\/a>. Hardware progress makes increasingly complex software processing possible, used in fields such as weather forecasting and engineering, for example.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-640560c1b2a28ecdf1e7cc9d90668014\">The established players Intel, AMD, and Nvidia, have evolved thanks to the Windows market to address <a href=\"https:\/\/www.energy.gov\/articles\/energy-department-announces-new-partnership-nvidia-and-oracle-build-largest-doe-ai\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">HPC and AI applications<\/a>. Indirect funding from the consumer market has generated positive externalities across the entire hardware industry.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-1829629747566b4ae97e8ad8fd3ad4a9\">The combined importance of hardware and software means that innovation strategies must simultaneously support hardware and software R&amp;D, leverage broad ecosystems to reduce unit costs, and recognize the role of consumer markets (gaming, VR) as a catalyst for technical advancements useful for professional applications.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-00a4edbda818356fb3faff0613d17861\">Digital progress is interdependent on both hardware and software, and the Windows ecosystem plus the gaming market have accelerated hardware improvements to the benefit of computing as a whole.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-edfa959a0f3144873b25c64091c03ccd\"><strong>Sources :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-256bb089028114b896f368a70bcdd78b\">\n<li><a href=\"https:\/\/store.steampowered.com\/hwsurvey\/Steam-Hardware-Software-Survey-Welcome-to-Steam\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/store.steampowered.com\/hwsurvey\/Steam-Hardware-Software-Survey-Welcome-to-Steam<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.renaultgroup.com\/en\/magazine\/our-group-news\/3d-sketching-a-digital-touch-to-every-drawing\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.renaultgroup.com\/en\/magazine\/our-group-news\/3d-sketching-a-digital-touch-to-every-drawing\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.jonpeddie.com\/news\/super-duper-computer-amd-does-it-again\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.jonpeddie.com\/news\/super-duper-computer-amd-does-it-again\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.energy.gov\/articles\/energy-department-announces-new-partnership-nvidia-and-oracle-build-largest-doe-ai\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.energy.gov\/articles\/energy-department-announces-new-partnership-nvidia-and-oracle-build-largest-doe-ai<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-510f3afc6b678ad8cfc79567d447e14a\">6. Cloud, Linux and false promises of sustainability<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-9e7f058eddf89739e1a873f865767e2e\"><strong>The distinction between local and remote :<\/strong> confusing Windows (operating system) and Microsoft Cloud (remote service) distorts the debate \u2014 one can maintain sovereignty with Windows on-premise or lose sovereignty with cloud services, regardless of the operating system.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-131e99f8c6fcfb81fb4baca87bfdca49\"><strong>The cloud does not guarantee continuity :<\/strong> loss of access, major incidents, and data center fires do occur; massive cloud infrastructure outages have already happened and demonstrate a centralization of risk that can affect thousands of organizations simultaneously. <a href=\"https:\/\/www.wired.com\/story\/amazon-explains-how-its-aws-outage-took-down-the-web\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The massive AWS outage of October 20, 2025<\/a>, and <a href=\"https:\/\/www.chosun.com\/english\/national-en\/2025\/10\/02\/FPWGFSXMLNCFPIEGWKZF3BOQ3M\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">the incredible loss of 858 TB of public data by the South Korean government due to a fire at the G-Drive government cloud data center<\/a>, are striking examples.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-5e8b13925764f793a7069a922b8af2df\"><strong>Attack surface and exposure surface :<\/strong> Cloud services increase the number of external interfaces and complexity, often offering a larger attack surface than well-hardened on-premise services, including Microsoft 365 cloud services, which are ultimately more exposed than their on-premise counterparts. <a href=\"https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/microsoft-oauth-app-impersonation-campaign-leads-mfa-phishing\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Phishing attacks can even compromise multi-factor authentication (MFA)<\/a>.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-7af571c068156409fed9d580c67bfe60\"><strong>The cloud is antithetical to digital sovereignty :<\/strong> Although useful, even indispensable for certain exchanges and configurations, the cloud itself represents, to varying degrees, a loss of sovereignty compared to on-premise solutions. It necessarily involves delegating control of a portion of the digital infrastructure to a distant third party and becoming dependent on them to a certain extent. <a href=\"https:\/\/www.cloudflare.com\/learning\/cloud\/what-is-vendor-lock-in\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The provider of a cloud solution can unilaterally terminate your access to the service and your data, or impose significant changes to the terms of service (vendor lock-in).<\/a><\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-663ef8dd48e59912cde2dc8e6036afff\"><strong>Long-term sustainability under Linux is not guaranteed :<\/strong> In addition to packages and dependencies that may change or disappear, sometimes entire Linux distributions vanish, leaving users to face complex migrations on their own. The abrupt discontinuation of CentOS by Red Hat is a striking example.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-a976d4e0bb6f11a8eb969368ef06e1fb\"><strong>Linux is not synonymous with absolute security :<\/strong> enterprise distributions and software can be vulnerable to flaws or hacking (e.g., incidents affecting critical distributions or packages), which serves as a reminder that no system is inherently invulnerable.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-c04197f5efdd2e558cd4390a04f80991\"><strong>Recent figures on Linux infections:<\/strong><br><br>\n<ul class=\"wp-block-list\">\n<li class=\"wp-elements-0ff611d3bb252aa41633463d6f94b643\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ebury-botnet-malware-infected-400-000-linux-servers-since-2009\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><strong>The Ebury botnet<\/strong> has infected approximately 400,000 Linux servers since 2009, averaging 26,000 infections per year, with 100,000 machines still compromised at the end of 2023.<\/a><br><br><\/li>\n\n\n\n<li class=\"wp-elements-f0ee87a12d903eb755b0147871298b10\"><a href=\"https:\/\/socradar.io\/perfctl-campaign-exploits-millions-of-linux-servers-for-crypto-mining-and-proxyjacking\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Another piece of malware called <strong>perfctl <\/strong>has quietly infiltrated thousands of Linux systems for several years, exploiting common configuration errors.<\/a><br><br><\/li>\n\n\n\n<li>Overall statistics on malware show a constant increase in infections in businesses, including on Linux systems, with propagation rates reaching 75% in 2022 in some environments.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-5c106e4f1c3cb6692146a47581a75c60\">Only a comprehensive approach to digital sovereignty, combining on-premise and cloud components, can make a real difference. Don&rsquo;t assume that the cloud and Linux alone will solve all the challenges of configuring, securing, backing up, scaling, and ensuring the redundancy of IT and digital infrastructures. Carefully evaluate the possibilities for recovering and migrating data and tools from one cloud provider to another. SaaS tools can lead to vendor lock-in that is more difficult to overcome than with on-premise solutions.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-3c206ba55619afb7125ce51c326ee6e7\"><strong>Sources :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-9cbe97569a7c66215a038eddc5d21ca5\">\n<li><a href=\"https:\/\/www.wired.com\/story\/amazon-explains-how-its-aws-outage-took-down-the-web\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.wired.com\/story\/amazon-explains-how-its-aws-outage-took-down-the-web\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.chosun.com\/english\/national-en\/2025\/10\/02\/FPWGFSXMLNCFPIEGWKZF3BOQ3M\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.chosun.com\/english\/national-en\/2025\/10\/02\/FPWGFSXMLNCFPIEGWKZF3BOQ3M\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/microsoft-oauth-app-impersonation-campaign-leads-mfa-phishing\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/microsoft-oauth-app-impersonation-campaign-leads-mfa-phishing<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cloudflare.com\/learning\/cloud\/what-is-vendor-lock-in\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.cloudflare.com\/learning\/cloud\/what-is-vendor-lock-in\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ebury-botnet-malware-infected-400-000-linux-servers-since-2009\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.bleepingcomputer.com\/news\/security\/ebury-botnet-malware-infected-400-000-linux-servers-since-2009\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/socradar.io\/perfctl-campaign-exploits-millions-of-linux-servers-for-crypto-mining-and-proxyjacking\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/socradar.io\/perfctl-campaign-exploits-millions-of-linux-servers-for-crypto-mining-and-proxyjacking\/<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-b97b783ca63dc693fdafb151cdcdb3f7\">7. Open source code : less privacy for more security ?<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-72eea0517abcd297cda0e8fa23512f09\">Code sharing is not a panacea for sovereignty : some sensitive sectors require proprietary components or components audited by qualified third parties; making the code open to everyone is not always desirable or relevant. Data and network traffic are often the main issue: controlling where the data resides, who accesses it, and how it is transmitted is more critical than simply opening up the code; code visibility does not necessarily eliminate operational or legal risks.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-4f068ef7dfdc7a93a7f425e283de3f49\">The belief that open-source code allows the community to detect vulnerabilities in a timely manner is not borne out by the facts. Numerous security vulnerabilities in open-source code persist for years before being detected and corrected. Some threats, such as <a href=\"https:\/\/www-itrust-fr.translate.goog\/focus-sur-perfctl-le-malware-ciblant-les-systemes-linux?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Perfctl (2021)<\/a> or <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ebury-botnet-malware-infected-400-000-linux-servers-since-2009\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Ebury (2009!)<\/a>, have been active for years without any reaction from the FOSS community, which remains silent, or even conceals these serious incidents affecting tens of thousands of Linux systems every year.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-bcdb962dcc77462b58e5291c865a75d5\">Many critical vulnerabilities in widely used FOSS projects are detected by institutional actors or companies rather than by the volunteer community. <a href=\"https:\/\/next-ink.translate.goog\/4777\/log4shell-derriere-importante-faille-eternelle-question-soutien-au-logiciel-libre\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The Log4j vulnerability<\/a> was present in the open-source code for all to see since 2013 before being detected only in 2021 by researchers at the e-commerce giant Alibaba. <a href=\"https:\/\/next-ink.translate.goog\/133067\/xz-utils-comme-une-porte-derobee-dans-un-composant-de-linux-a-fait-craindre-le-pire\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The XZ Utils vulnerability was discovered by a Microsoft engineer<\/a>.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-pullquote is-style-default has-black-color has-palette-color-5-background-color has-text-color has-background has-link-color wp-elements-2496885ca44ee4d29dfc7d089e7ed8a0\" style=\"padding-top:var(--wp--preset--spacing--20);padding-right:var(--wp--preset--spacing--30);padding-bottom:var(--wp--preset--spacing--20);padding-left:var(--wp--preset--spacing--30);font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.156), 16px);line-height:1.8\"><blockquote><p>\u00ab&nbsp;<em>Log4j maintainers have been working sleeplessly on mitigation measures; fixes, docs, CVE, replies to inquiries, etc. Yet nothing is stopping people to bash us, for work we aren&rsquo;t paid for, for a feature we all dislike yet needed to keep due to backward compatibility concerns<\/em>&nbsp;\u00bb<\/p><cite><a href=\"https:\/\/x.com\/yazicivo\/status\/1469349956880408583\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><strong><mark style=\"background-color:rgba(0, 0, 0, 0);color:#0693e3\" class=\"has-inline-color\">Volkan Yaz\u0131c\u0131, Apache Software Foundation &#8211; december 10th 2021<\/mark><\/strong><\/a><\/cite><\/blockquote><\/figure>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-eb5673ab22293aa7a7325d545c6eb9e5\"><strong>Sources :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-1e32dfba0c1dc7be41c6afc0172b9725\"><a href=\"https:\/\/www-itrust-fr.translate.goog\/focus-sur-perfctl-le-malware-ciblant-les-systemes-linux?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Focus on Perfctl: The malware targeting Linux systems<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-4d55839a997112465875bb125a8f434a\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ebury-botnet-malware-infected-400-000-linux-servers-since-2009\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.bleepingcomputer.com\/news\/security\/ebury-botnet-malware-infected-400-000-linux-servers-since-2009\/<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-e79bd6bd71bbf46e3d2573207fe71823\"><a href=\"https:\/\/next-ink.translate.goog\/4777\/log4shell-derriere-importante-faille-eternelle-question-soutien-au-logiciel-libre\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Log4Shell: behind the major vulnerability, the eternal question of support for free software<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-9b872d9f892eee8a27ce346c5d1413df\"><a href=\"https:\/\/next-ink.translate.goog\/133067\/xz-utils-comme-une-porte-derobee-dans-un-composant-de-linux-a-fait-craindre-le-pire\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">XZ Utils: How a backdoor in a Linux component caused fears of the worst<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-8b0d8dbcd56174b3c63d560e32efcc29\"><a href=\"https:\/\/x.com\/yazicivo\/status\/1469349956880408583\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/x.com\/yazicivo\/status\/1469349956880408583<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-1b93c8e08b53d27823be922215a1b1c3\">8. Dominant FOSS culture : inconsistancies, biases and dogmatism<\/h4>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-8035f2fd177ae7cb09e48bc6f04e9500\">The risks and difficulties encountered with FOSS development are not solely due to the purely technical challenges of Linux and its dependencies; they also stem from, and are primarily caused by, a biased and misguided technical culture. Why? Because a dominant culture, based on simplistic beliefs and excessive abstraction, has disconnected developers from the realities of hardware, networking, and systems. There is indeed a dogmatic fringe that believes in the \u00ab\u00a0absolute\u00a0\u00bb security of Linux or open-source software, often without understanding modern attack vectors (supply chain attacks, cloud misconfigurations, kernel exploits). Forums are full of simplistic rhetoric like \u00ab\u00a0Windows = spyware, Linux = freedom,\u00a0\u00bb which obscures operational realities. A segment of the web development community (particularly full-stack JavaScript developers) ignores or underestimates disciplines such as network security, system architecture, or permission management. This leads to naive configurations, unencrypted storage, poorly managed CORS, and so on.<\/p>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\">\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\">\n<h5 class=\"wp-block-heading\"><strong><mark style=\"background-color:rgba(0, 0, 0, 0);color:#000000\" class=\"has-inline-color\">Disconnection from IT disciplines :<\/mark><\/strong><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-c0416b26d4c62a2282de01c69c9ebe94\"><strong>Lack of understanding of the network :<\/strong> Few developers understand ACLs, VLANs, firewalls, or segmentation models.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-f1d54e069fcae85377f8d19570c35a21\"><strong>Ignorance of hardware : <\/strong>CPU, RAM, I\/O, microcode, firmware\u2026 are gray areas for many. The result: over-provisioning, poor optimization, and physical vulnerabilities.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-a37867c78fafe54f9108733e265d188c\"><strong>Cloud-first, black box : <\/strong>The abstraction of the cloud masks the underlying hardware, network, and system realities. Developers often don&rsquo;t know where their code is running, on what hardware, or with what security protections.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-bb5a5c69f1e2f101e315262422f7d4a4\"><strong>The DevOps without DevSec effect :<\/strong> Automation takes precedence over security. CI\/CD pipelines deploy code without rigorous control of dependencies or configurations.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>The myth of open source superiority :<\/strong><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-8748f8e6a11e9a0fcfd6ef252fccc092\"><strong>Transparency \u2260 security :<\/strong> Open source code guarantees nothing without auditing, maintenance, and governance. In practice, many critical projects are under-maintained, with little code review or security testing. The Log4Shell vulnerability remained undetected for years despite the code being open source.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-ba315197d39a2de4dc66fb02a15257a7\"><strong>Dogmatism and Linux myths :<\/strong> Many believe that Linux is \u00ab\u00a0inherently safe,\u00a0\u00bb ignoring kernel vulnerabilities, configuration errors, and physical attacks. Some claims that have been proven false (\u00ab\u00a0There are no malwares on Linux,\u00a0\u00bb for instance) still circulate on forums without being corrected by the community.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-f0a040479a5a9fd1b3c194473cea82ef\"><strong>Software-only dogma :<\/strong> The belief that everything is software and that hardware is secondary. The software and its source code alone handle everything (performance, security, functionality, connectivity, etc.) independently of the hardware or network infrastructure.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-ea54c5606a570a7ef0db9b415668f235\"><strong>The myth of the ethical superiority of free software : <\/strong>The universal sharing of knowledge is a morally noble goal, but the systematic avoidance of professional, paid proprietary solutions in favor of open-source freeware, often originating from personal hobbyist projects, for professional and commercial reuse raises serious ethical and fair competition concerns, as seen in the examples of Red Hat or WordPress.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<figure class=\"wp-block-pullquote is-style-default has-black-color has-palette-color-5-background-color has-text-color has-background has-link-color wp-elements-67a724ce97aad337e117b9ec1b1be9e5\" style=\"padding-top:var(--wp--preset--spacing--20);padding-right:var(--wp--preset--spacing--30);padding-bottom:var(--wp--preset--spacing--20);padding-left:var(--wp--preset--spacing--30);font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.156), 16px);line-height:1.8\"><blockquote><p>\u00ab\u00a0<em>One thing you do is prevent good software from beeing written. Who can afford to do professional work for nothing? What hobbyist can put 3-man years into programming, finding all bugs, documenting his product and distribute for free?<\/em>\u00ab\u00a0<\/p><cite><a href=\"https:\/\/en.wikipedia.org\/wiki\/File:Bill_Gates_Letter_to_Hobbyists_ocr.pdf\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><mark style=\"background-color:rgba(0, 0, 0, 0);color:#0693e3\" class=\"has-inline-color\"><strong>Bill Gates &#8211; Letter to hobbyists &#8211; febuary 1976<\/strong><\/mark><\/a><\/cite><\/blockquote><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h5 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-cbc30f721b7c0bdea3c56681812f2c05\">Red Hat vs CentOS :<\/h5>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-fdcffd08b421b36ff6ac7bdbee7b2cf8\">The open-source approach often presents serious inconsistencies, as illustrated by the abrupt discontinuation of CentOS, a major Linux distribution, by Red Hat, due to competition with its own \u00ab\u00a0open-source\u00a0\u00bb but partially paid products. Red Hat acknowledged that it was impossible for them to maintain CentOS completely free of charge, and that it was overshadowing RHEL, for which paid subscriptions are available.<\/p>\n\n\n\n<figure class=\"wp-block-pullquote is-style-default has-black-color has-palette-color-5-background-color has-text-color has-background has-link-color wp-elements-18e41a9ab4be5c9d10b668b3be0783ca\" style=\"padding-top:var(--wp--preset--spacing--20);padding-right:var(--wp--preset--spacing--30);padding-bottom:var(--wp--preset--spacing--20);padding-left:var(--wp--preset--spacing--30);font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.156), 16px);line-height:1.8\"><blockquote><p>\u00ab\u00a0CentOS necessarily hampered RHEL sales by being a free, but also functional, alternative.\u00a0\u00bb <br><br>\u00ab\u00a0The very existence of a free version of a paid system, when their functions were 100% identical, sowed more confusion than anything else, both for Red Hat&rsquo;s sales teams and for its customers\u00a0\u00bb <\/p><cite><a href=\"https:\/\/www-lemagit-fr.translate.goog\/conseil\/Fin-de-vie-de-CentOS-7-et-maintenant-que-faire?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><strong><mark style=\"background-color:rgba(0, 0, 0, 0);color:#0693e3\" class=\"has-inline-color\">Le MagIT &#8211; End of life for CentOS 7: what now? &#8211; october<\/mark><\/strong> <strong><mark style=\"background-color:rgba(0, 0, 0, 0);color:#0693e3\" class=\"has-inline-color\">11th  2024<\/mark><\/strong><\/a><\/cite><\/blockquote><\/figure>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-a84807a4a59bafc22a4a625977460bcb\">Red Hat, a major player in Linux and the FOSS world, showed no remorse for the millions of individual and business users using CentOS when it decided to protect its own business model, leaving them with no choice but to migrate to a different operating system\u2014a process that can be complicated and which Red Hat is offering as a paid service to the CentOS 7 users it has abandoned : \u00ab\u00a0<em><strong>Red Hat Enterprise Linux for Third Party Linux Migration is a new offering designed to make Red Hat Enterprise Linux more accessible to CentOS Linux users with a competitively priced subscription and a simplified conversion process.<\/strong><\/em>\u00ab\u00a0<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h5 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-3a0acb049023600a8b49ef5e494ac3b9\">WordPress vs WP Engine :<\/h5>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-5fdd137fe3768504a66db935864517a9\">Another example is <a href=\"https:\/\/www-blogdumoderateur-com.translate.goog\/wordpress-vs-wp-engine-conflit-consequences-ecosysteme-cms\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">the dispute between WordPress and WP Engine<\/a>. WordPress, unhappy with WP Engine&rsquo;s modifications to the source code for its clients, and with the fact that despite significant revenue, WP Engine doesn&rsquo;t contribute more to the funding and development of WordPress, simply decided to cut off their access to WordPress modules, leaving WP Engine&rsquo;s customers without security updates for their installed plugins and themes. In addition to this, WordPress went so far as to send messages directly to WP Engine&rsquo;s customers <a href=\"https:\/\/wptavern.com\/acf-plugin-forked-to-secure-custom-fields-plugin\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">and even appropriated and \u00ab\u00a0forked\u00a0\u00bb a WP Engine plugin!<\/a><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-f3ab6cba8763e3b6e5c21e684d18de65\">This once again highlights <a href=\"https:\/\/world.hey.com\/dhh\/automattic-is-doing-open-source-dirty-b95cf128\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">the legal ambiguity surrounding the use of open-source code and its ownership<\/a>, as well as the limits of sovereignty in an open-source ecosystem that relies heavily on online repositories controlled by third parties. There are no enforceable rights, in either direction. This demonstrates the limitations of promoting open source as a lever for growth and sovereignty for digital companies and organizations.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-e4e44e0ff97573bb1e69a3d4b10f65e1\"><strong>These emblematic cases are the logical consequence of the fundamental problem of remuneration and the sustainability of the free software model<\/strong>. The hypothesis of a world where everything is produced for free ignores the economic reality of maintenance, bug fixing, and security requirements; hybrid models (commercial + open core, OSPOs, public funding) are often more sustainable.<\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-2e51ad7d4278292b5bb5d333bbd1202d\"><strong>Sources :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-aadfc344a78fed4af3ff91f915b707fd\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/File:Bill_Gates_Letter_to_Hobbyists_ocr.pdf\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/en.wikipedia.org\/wiki\/File:Bill_Gates_Letter_to_Hobbyists_ocr.pdf<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-08837bf00b053aeab56e1f3f2e347ae7\"><a href=\"https:\/\/www-lemagit-fr.translate.goog\/conseil\/Fin-de-vie-de-CentOS-7-et-maintenant-que-faire?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">End of life for CentOS 7: what now?<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-e3c59e9db23426eab4bd9a86aef2dda7\"><a href=\"https:\/\/www.redhat.com\/en\/technologies\/linux-platforms\/red-hat-enterprise-linux-for-third-party-linux-migration\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/www.redhat.com\/en\/technologies\/linux-platforms\/red-hat-enterprise-linux-for-third-party-linux-migration<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-15d85e128e1ae8ab0a88e588623f96d7\"><a href=\"https:\/\/www-blogdumoderateur-com.translate.goog\/wordpress-vs-wp-engine-conflit-consequences-ecosysteme-cms\/?_x_tr_sl=fr&amp;_x_tr_tl=en&amp;_x_tr_hl=fr&amp;_x_tr_pto=wapp\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">WordPress vs WP Engine: a conflict with serious consequences for the CMS ecosystem<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-19b766841f4932466fb38170a5d833c8\"><a href=\"https:\/\/wptavern.com\/acf-plugin-forked-to-secure-custom-fields-plugin\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/wptavern.com\/acf-plugin-forked-to-secure-custom-fields-plugin<\/a><\/li>\n\n\n\n<li class=\"has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-469ec82942a0db2c1e8293fbac8836c9\"><a href=\"https:\/\/world.hey.com\/dhh\/automattic-is-doing-open-source-dirty-b95cf128\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/world.hey.com\/dhh\/automattic-is-doing-open-source-dirty-b95cf128<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-e984226b0bad0156d2819748912db424\">9. Digital sovereignty : beware of false friends<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-06fe713c2ff222e49ab5019506359bfd\"><strong>MacOS<\/strong>, although proprietary, is closed both in terms of hardware and software, limiting autonomy.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-3eef206f687d350bea9963b7791d88cd\"><strong>Android and iOS<\/strong> collect massive amounts of personal data: photos, contacts, location, browsing history, and much more \u2013 far more than Windows 11 (do not confuse personal data with telemetry).<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-64b8c92185fb2e936c4a0f095ec917aa\"><strong>Google <\/strong>dominates access to information through Search and News, influencing the press and open-source developers.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-30a47b33644e0c46e9359d3abd512a9d\">10. The true criteria of digital sovereignty :<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-677e83437419d74ed4f436b06b2785b0\"><strong>Software openness :<\/strong> Does the digital solution allow for easy interaction with other third-party solutions? Does it allow me to easily create data, content, and applications that I can freely distribute?<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-227cbe58ecff053df7d4d67a0d78c113\"><strong>Hardware openness :<\/strong> The foundation of a sovereign digital solution is physical control of the hardware. Computers, servers, telephones, network equipment. Does the implemented solution allow me to freely choose the hardware infrastructure on which I want to install, run, and store the data (computers, servers, smartphones)?<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-cf3f00c7ceb55f4255895552cc4e1e83\"><strong>Privacy :<\/strong> Does the solution respect my privacy or the confidentiality of my company&rsquo;s data? What is the nature and volume of the data collected and transmitted to digital solution providers?<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-e91380b441183ca8ba593f0b65857f87\"><strong>Local autonomy :<\/strong> Does the digital solution allow for completely offline deployment from installation sources? Does it depend on online accounts and services for its installation or use? Some solutions, even those that are on-premise, still require an online account for administration.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-5e06abf4d6dbfbbc0885589c83a4103a\"><strong>Data extractability :<\/strong> To what extent can I retrieve the data stored on a digital device? (e.g., removing the hard drive from a computer and recovering the data on another device, or accessing a Micro SD card on a smartphone). Some solutions do not allow physical access to the data.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-98afd5cbacf801687741b58604d2722f\"><strong>Data exportability :<\/strong> Does the solution allow me to export the data in a standard format compatible with other competing third-party solutions if I wanted to switch to a different one?<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading has-black-color has-text-color has-link-color wp-elements-7c39a59b37417987c0d7f2740aeb9736\">11. Practical recommendations for a pragmatic digital sovereignty<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-c582796f639f04662317f7b9eedb411b\">Choose the tool best suited to the need : Linux for specialized servers and technical flexibility; Windows on-premise for centralized management, interoperability, and operational simplicity; avoid decisions dictated by dogma.<\/li>\n<\/ol>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-7317fd6dbb4f6a0141ae8bd4046d9f3a\">Prioritize on-premise solutions for strategic functions (directory services, email, critical storage) or choose a sovereign bare-metal hosting solution located within the relevant legal jurisdiction.<\/li>\n<\/ol>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-4681036900c8623c01ea2f44c6db7c1f\">Re-evaluate the true costs (human and financial) of securing Linux and open-source environments in light of security and sovereignty requirements (package maintenance, dependency auditing, advanced configuration, <a href=\"https:\/\/www.trendmicro.com\/en_gb\/what-is\/xdr\/edr-vs-xdr.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">EDR\/XDR security solutions<\/a>).<\/li>\n<\/ol>\n\n\n\n<ol start=\"4\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-f4227ef8201521b0e3c33f48fb5f9bc4\">Evaluate energy costs and performance of architectures: prioritize locally compiled binaries for intensive use and limit energy-intensive, unoptimized web applications.<\/li>\n<\/ol>\n\n\n\n<ol start=\"5\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-3e8c6c75f6124b8a7ae4e5721a0340b6\">Promote reproducible builds and on-premise mirrors of critical repositories to limit direct dependencies on third-party servers.<\/li>\n<\/ol>\n\n\n\n<ol start=\"6\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-9f620c6165a3191f66e369b1f45d1b5a\">Strengthening open source governance: sustainable funding for maintainers, security audits, policies for managing maintainer accounts, and review of supply chains.<\/li>\n<\/ol>\n\n\n\n<ol start=\"7\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-e9f0180925b3fcfa12aca1e0429dd20b\">Mapping dependencies and software inventory: list repositories, critical packages and maintainers, define recovery plans (forks, internal mirrors).<\/li>\n<\/ol>\n\n\n\n<ol start=\"8\" class=\"wp-block-list\">\n<li class=\"has-black-color has-text-color has-link-color wp-elements-2221cd9c0eca3606ec4b57050a6c5434\">For individuals concerned about their digital sovereignty and privacy, it&rsquo;s preferable to use a personal computer to manage software, photos, and personal documents locally (without forgetting to back up important data on other physical media or online), rather than smartphones, which are inherently designed for the collection of personal data and its exploitation in the cloud.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\"><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-palette-color-2-color\">Conclusion<\/mark><\/h3>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-35c4682a632fd08f6d7123767c608fef\" style=\"font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.234), 17px);\">Digital sovereignty is not a binary issue of \u00ab\u00a0open source = sovereign\u00a0\u00bb versus \u00ab\u00a0proprietary = servitude.\u00a0\u00bb It is measured by the control of data, software supply chains, and hardware infrastructure, as well as the ability to govern and finance maintenance. Open-source software under Linux offers significant benefits, but its distributed dependency model and operational fragmentation create real risks to sovereignty if these risks are not actively managed. For many organizations and users, on-premise Microsoft Windows solutions currently offer a pragmatic compromise: interoperability based on standards, unified administration, stable binaries, and legal and physical control of data. Useful innovation does not depend on an \u00ab\u00a0open source\u00a0\u00bb label; it depends on an ecosystem that funds R&amp;D, supports the hardware, and allows for control over the entire digital chain.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction Free and Open-Source Software and the Linux ecosystem hold real promise in terms of openness and innovation, but they also pose concrete challenges to digital sovereignty when they rely heavily on dependency chains and repositories maintained by third parties. These dependencies expose organizations to supply chain risks, loss of legal control, and obsolescence. Conversely, [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":2246,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"[]"},"categories":[74],"tags":[],"class_list":["post-2389","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-digital"],"blocksy_meta":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\r\n<title>Digital sovereignty: myths and realities - Infos Globales<\/title>\r\n<meta name=\"description\" content=\"Free and Open Source Software and the Linux ecosystem hold real promise, but they also pose concrete challenges for digital sovereignty.\" \/>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/\" \/>\r\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"Digital sovereignty: myths and realities - Infos Globales\" \/>\r\n<meta property=\"og:description\" content=\"Free and Open Source Software and the Linux ecosystem hold real promise, but they also pose concrete challenges for digital sovereignty.\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/\" \/>\r\n<meta property=\"og:site_name\" content=\"Infos Globales\" \/>\r\n<meta property=\"article:published_time\" content=\"2025-10-30T15:30:11+00:00\" \/>\r\n<meta property=\"article:modified_time\" content=\"2025-10-30T16:03:15+00:00\" \/>\r\n<meta property=\"og:image\" content=\"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/Copilot_20251027_172726.png\" \/>\r\n\t<meta property=\"og:image:width\" content=\"1536\" \/>\r\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\r\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\r\n<meta name=\"author\" content=\"Jules Pr\u00e9vert\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jules Pr\u00e9vert\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"20 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/\"},\"author\":{\"name\":\"Jules Pr\u00e9vert\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/#\\\/schema\\\/person\\\/6c518d92dabe41ce44e26401b4277830\"},\"headline\":\"Digital sovereignty: myths and realities\",\"datePublished\":\"2025-10-30T15:30:11+00:00\",\"dateModified\":\"2025-10-30T16:03:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/\"},\"wordCount\":4362,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infos-globales.fr\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/Copilot_20251027_172726.png\",\"articleSection\":[\"Digital\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/\",\"url\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/\",\"name\":\"Digital sovereignty: myths and realities - Infos Globales\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infos-globales.fr\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/Copilot_20251027_172726.png\",\"datePublished\":\"2025-10-30T15:30:11+00:00\",\"dateModified\":\"2025-10-30T16:03:15+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/#\\\/schema\\\/person\\\/6c518d92dabe41ce44e26401b4277830\"},\"description\":\"Free and Open Source Software and the Linux ecosystem hold real promise, but they also pose concrete challenges for digital sovereignty.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infos-globales.fr\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/Copilot_20251027_172726.png\",\"contentUrl\":\"https:\\\/\\\/www.infos-globales.fr\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/Copilot_20251027_172726.png\",\"width\":1536,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/en\\\/2025\\\/10\\\/30\\\/digital-sovereignty-myths-and-realities\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.infos-globales.fr\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Digital sovereignty: myths and realities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/#website\",\"url\":\"https:\\\/\\\/www.infos-globales.fr\\\/\",\"name\":\"Infos Globales\",\"description\":\"Informations globales et g\u00e9n\u00e9rales\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infos-globales.fr\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infos-globales.fr\\\/#\\\/schema\\\/person\\\/6c518d92dabe41ce44e26401b4277830\",\"name\":\"Jules Pr\u00e9vert\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/496c3c764679c5c2a40fe42920593822b133caadf3dc005b80375535e67d3fb3?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/496c3c764679c5c2a40fe42920593822b133caadf3dc005b80375535e67d3fb3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/496c3c764679c5c2a40fe42920593822b133caadf3dc005b80375535e67d3fb3?s=96&d=mm&r=g\",\"caption\":\"Jules Pr\u00e9vert\"},\"description\":\"Curieux de nature, passionn\u00e9 de sciences et de technologie, tomb\u00e9 dans l'informatique \u00e9tant petit et professionnel des technologies de l'information depuis plus de 20 ans...\",\"sameAs\":[\"https:\\\/\\\/www.infos-globales.fr\"],\"url\":\"https:\\\/\\\/www.infos-globales.fr\\\/index.php\\\/author\\\/jules-prevert\\\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Digital sovereignty: myths and realities - Infos Globales","description":"Free and Open Source Software and the Linux ecosystem hold real promise, but they also pose concrete challenges for digital sovereignty.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/","og_locale":"fr_FR","og_type":"article","og_title":"Digital sovereignty: myths and realities - Infos Globales","og_description":"Free and Open Source Software and the Linux ecosystem hold real promise, but they also pose concrete challenges for digital sovereignty.","og_url":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/","og_site_name":"Infos Globales","article_published_time":"2025-10-30T15:30:11+00:00","article_modified_time":"2025-10-30T16:03:15+00:00","og_image":[{"width":1536,"height":1024,"url":"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/Copilot_20251027_172726.png","type":"image\/png"}],"author":"Jules Pr\u00e9vert","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"Jules Pr\u00e9vert","Dur\u00e9e de lecture estim\u00e9e":"20 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#article","isPartOf":{"@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/"},"author":{"name":"Jules Pr\u00e9vert","@id":"https:\/\/www.infos-globales.fr\/#\/schema\/person\/6c518d92dabe41ce44e26401b4277830"},"headline":"Digital sovereignty: myths and realities","datePublished":"2025-10-30T15:30:11+00:00","dateModified":"2025-10-30T16:03:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/"},"wordCount":4362,"commentCount":0,"image":{"@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/Copilot_20251027_172726.png","articleSection":["Digital"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/","url":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/","name":"Digital sovereignty: myths and realities - Infos Globales","isPartOf":{"@id":"https:\/\/www.infos-globales.fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#primaryimage"},"image":{"@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/Copilot_20251027_172726.png","datePublished":"2025-10-30T15:30:11+00:00","dateModified":"2025-10-30T16:03:15+00:00","author":{"@id":"https:\/\/www.infos-globales.fr\/#\/schema\/person\/6c518d92dabe41ce44e26401b4277830"},"description":"Free and Open Source Software and the Linux ecosystem hold real promise, but they also pose concrete challenges for digital sovereignty.","breadcrumb":{"@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#primaryimage","url":"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/Copilot_20251027_172726.png","contentUrl":"https:\/\/www.infos-globales.fr\/wp-content\/uploads\/2025\/10\/Copilot_20251027_172726.png","width":1536,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/www.infos-globales.fr\/index.php\/en\/2025\/10\/30\/digital-sovereignty-myths-and-realities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.infos-globales.fr\/"},{"@type":"ListItem","position":2,"name":"Digital sovereignty: myths and realities"}]},{"@type":"WebSite","@id":"https:\/\/www.infos-globales.fr\/#website","url":"https:\/\/www.infos-globales.fr\/","name":"Infos Globales","description":"Informations globales et g\u00e9n\u00e9rales","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infos-globales.fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/www.infos-globales.fr\/#\/schema\/person\/6c518d92dabe41ce44e26401b4277830","name":"Jules Pr\u00e9vert","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/496c3c764679c5c2a40fe42920593822b133caadf3dc005b80375535e67d3fb3?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/496c3c764679c5c2a40fe42920593822b133caadf3dc005b80375535e67d3fb3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/496c3c764679c5c2a40fe42920593822b133caadf3dc005b80375535e67d3fb3?s=96&d=mm&r=g","caption":"Jules Pr\u00e9vert"},"description":"Curieux de nature, passionn\u00e9 de sciences et de technologie, tomb\u00e9 dans l'informatique \u00e9tant petit et professionnel des technologies de l'information depuis plus de 20 ans...","sameAs":["https:\/\/www.infos-globales.fr"],"url":"https:\/\/www.infos-globales.fr\/index.php\/author\/jules-prevert\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/posts\/2389","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/comments?post=2389"}],"version-history":[{"count":3,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/posts\/2389\/revisions"}],"predecessor-version":[{"id":2497,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/posts\/2389\/revisions\/2497"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/media\/2246"}],"wp:attachment":[{"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/media?parent=2389"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/categories?post=2389"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infos-globales.fr\/index.php\/wp-json\/wp\/v2\/tags?post=2389"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}