You are not logged in.
While I appreciate software developers' have as much need and desire of privacy as anyone else, I cannot help but be bothered by how little I know about the company behind my operating system.
In most instances of corporate-backed linux distros, there is a tangible company behind them, like Red Hat behind Fedora or Canonical behind Ubuntu. But in the case of Q4OS almost nothing is known:
- The development team is international, used to be based in Germany, but is now based in Prague.
- The home and developer webpages are copyrighted 2020, but the downloads, documents and business webpages are copyrighted 2022
- The videos linked from the website (youtube(dot)com/watch?v=FAQohrvvC2U) and patreon page (youtube(dot)com/watch?v=sj0a0ygvhTI) are from third parties.
- The downloads are hosted on SourceForge, but the source code is nowhere to be found
- Support is advertised as either paid or through this forum.
- The webshop sells physical installation media as well as gift cards (though I suspect the latter may be an unintentional anomaly from hosting via OpenCart)
- Wikipedia and DistroWatch have articles for Q4OS containing hardly any information. In fact, the two alternative websites DistroWatch links don't exist (anymore).
Is this really all that is known about the developers? Doesn't that strike anyone else as troubling?
Offline
Doesn't that strike anyone else as troubling?
Not really, because Q4OS is more or less Debian with a different interface, and the Q4OS team is quite active in this forum. I've been running it for four years now, with minimal issues.
Offline
Agree with detoo, as Im not troubled at all given its vanilla Debian with perks. That said if anyone is troubled, no one is forcing you to use Q4OS. If you need to know about the devs to use a distro, then there are many that would suit your situation.
Q4OS Aquarius 5.x KDE HP Elitedesk 705 G4 Mini - Ryzen 5 2400g, 16gb ddr4, 1tb m.2 nvme ssd
Offline
Q4OS is more or less Debian with a different interface
Exactly. It's that "more or less" that needs to be quantified and accounted for.
Unless both the source code is available and the user-base is sufficiently large that any problems with the code would be caught and called out immediately, that is a risk for anyone running Q4OS. In such an event, responsibility should rest with a tangible entity if not an individual person who can be held accountable and can answer for how or why that problem did not get removed prior to release.
no one is forcing you to use Q4OS
Nor is anyone forcing the company behind Q4OS to maintain a nebulous and intangible presence, to not publish their source code, or to let their copyright notices and webdomains expire.
If you need to know about the devs to use a distro, then there are many that would suit your situation.
I don't necessarily need to know who they, but something should be known about them. Especially when it is not clear than any independent party is reviewing their code.
This is the case for pretty much every other distro under the sun, so you are correct that perhaps I should stop using Q4OS. Although that strikes me as running afoul of the rule against discouraging people from using Q4OS.
Offline
Im not discouraging you from using Q4OS, its just that the parameters youve setup for yourself in this situation simply cant be attained. This is a conversation thats best done with the devs and you certainly can contact them directly to discuss it. My hope is if you like Q4OS youll continue using it but you cant force your perspective if the community as a whole doesnt have an issue with it in the first place. Having used hundreds of distros, not all distros follow your parameters including Q4OS.
Q4OS Aquarius 5.x KDE HP Elitedesk 705 G4 Mini - Ryzen 5 2400g, 16gb ddr4, 1tb m.2 nvme ssd
Offline
I would like to know that I am safe to continue using Q4OS and safe to recommend it to others. That's why I am asking if anything more is know about the developers than what I'm aware of.
And if there is, then it would be good for the developers to know that it is not easy to find. And if there is not, then it would be good for the developers to know that it is important to change that.
Offline
the parameters youve setup for yourself in this situation simply cant be attained.
Not at all. The parameters are the absolute minimum for any operating system to be used by anyone. And they have easily been attained by pretty much every other distro in existence.
IThis is a conversation thats best done with the devs and you certainly can contact them directly to discuss it.
This forum is the only non-commercial support listed on the website. And as, detoo said, "the Q4OS team is quite active in this forum", so I'm hoping they will weigh in.
you cant force your perspective
I'm not trying to force anything. I would like to know that I am safe to continue using Q4OS and safe to recommend it to others. That's why I am asking if anything more is know about the developers than what I'm aware of.
And if there is, then it would be good for the developers to know that it is not easy to find. And if there is not, then it would be good for the developers to know that it is important to change that.
Offline
... I would like to know that I am safe to continue using Q4OS and safe to recommend it to others. ...
Yes, you are safe, absolutely. Debian base is the guaranty. Q4OS specific code is free and the sources are available on request according to GPLv2 license. We would like to ask you for more factual expressing. Your posts give an aggressive impression and could discourage users from using Q4OS.
If you have any doubts, please set exact factual questions, we will try to answer. Note, we like our privacy and don't want publish some sensitive data.
Offline
Q4OS specific code is free and the sources are available on request according to GPLv2 license.
Why only on request? Why not make it available on GitHub, BitBucket, GitLab or a similar forge? (I think SourceForge which is currently hosting your downloads, also allows making raw code visible, though I could be wrong about that.)
We would like to ask you for more factual expressing.
My original post expresses an entire list of facts that you have not addressed yet
Your posts give an aggressive impression and could discourage users from using Q4OS.
No, they really don't. Not like reminding me nobody's forcing me to use Q4OS, or like issuing what I can only view as a rather transparently veiled threat to censor unwelcome questions. Of course, any such censorship would also be a very definitive answer, of sorts, to my concerns.
Speaking of transparency, or rather lack thereof, I'm not joking when I say the nebulous and intangible nature of your company is something that really is discouraging from using Q4OS.
If you have any doubts, please set exact factual questions, we will try to answer.
1) Why is Q4OS' source code only available upon request?
2a) How much does Q4OS add to, remove from and alter Debian's source code?
2b) What about packages?
3a) Does anyone unaffiliated with your company review Q4OS' source code?
3b) Do they sign off on changes made to it?
4a) Who would be held accountable if any vulnerable or malicious code were to be discovered after it was merged and pushed out to users?
4b) How would they be held accountable?
4c) On what timescale would such a vulnerability be revealed to users?
4d) How would it be revealed?
4e) On what timescale could users expect such a vulnerability to be patched?
4f) How can users seek assistance and/or redress in such a contingency?
5a) Is this forum the only place where support is available free of charge?
5b) Is commercial support only available to businesses or also to individual end-users?
6a) Have any steps been taking to get http://www(dot)q4os(dot)de/ and http://www(dot)q4os(dot)net/ unlisted from DistroWatch?
6b) Why are https://www(dot)q4os(dot)org/downloads1(dot)html, https://www(dot)q4os(dot)org/downloads3(dot)html, https://www(dot)q4os(dot)org/documents(dot)html and https://www(dot)q4os(dot)org/shop/ copyright 2022; but is https://www(dot)q4os(dot)org/contact(dot)html copyright 2017; are https://www(dot)q4os(dot)org/index(dot)html and https://www(dot)q4os(dot)org/developer(dot)html copyright 2020; and are https://www(dot)q4os(dot)org/blog(dot)html and https://www(dot)q4os(dot)org/downloads3(dot)html copyright 2021?
6c) If you let your webdomains and copyright notices expire without taking steps to remedy this, what prevents that same thing happening with signing keys, security certificates, etc.?
7a) Why does your webshop sell $1000 gift cards? (Please tell me that isn't for commercial support.)
7b) Assuming their inclusion is unintentional, what guarantee can you give users that similar oversights are not present in Q4OS itself?
8a) Why do you have no presence at all outside of this website and SourceForge, neither online nor offline?
8b) Is there any information at all that you are willing to share about the company behind Q4OS' development?
8c) In short, who are you? (The company of course, not you personally.)
8d) And why should I believe you when you say I am absolutely safe to continue using Q4OS and to recommend it to others? (This time I mean both the company and you personally.)
Note, we like our privacy and don't want publish some sensitive data.
I deeply appreciate that, I assure you, perhaps better than anyone else. But I'm not asking for your personal information, nor that of any other individual in your company. The company's information, however, should be made publicly available, if not to establish accountability, reliability and credibility as a brand, then at least to meet the requirements of Czech law under EU directives.
So, exactly what data CAN you publish about your company? Surely more than "Q4OS has originated in 2014 as an international project, the main development efforts have settled in Prague in the recent past. The development center is now located in Prague, Czech Republic."
If I sound snarky, please understand that I am doing my best not to, and chalk it up as an allergic reaction to what genuinely feels to me like beating around the bush in order to evade questions and constructive criticism, to say nothing of responsibility and accountability.
I am not trying to discourage anyone from using Q4OS, though perhaps I am unintentionally encouraging a generally critical and questioning attitude. I very much want to believe Q4OS is safe to use and even recommend, but I am not seeing much yet that would put to rest my recently attained unease regarding Q4OS.
Offline
Censorship ? Why do you start talking about censorship ?
Not like reminding me nobody's forcing me to use Q4OS, or like issuing what I can only view as a rather transparently veiled threat to censor unwelcome questions.
We said nothing like that, point us, if not true please
Why do you start talking about censorship ? Such remarks only shed baseless suspicions on Q4OS and make a hidden pressure. We dislike discussing such a confrontational way.
We consider most of your questions rather legitimate, although they could be set by a less aggressive and mistrustful form. We will address them. As we dedicate most of our time to important development tasks, it will take some time. We will open a separate topic for that purpose.
We are just a small team of individuals, the core team counts 3 people at the moment. No company holds or manages the Q4OS project at the moment, although we would love some potential sponsors and strong patrons.
Offline
Censorship ? Why do you start talking about censorship ?
user wrote:Not like reminding me nobody's forcing me to use Q4OS, or like issuing what I can only view as a rather transparently veiled threat to censor unwelcome questions.
We said nothing like that, point us, if not true please
Why do you start talking about censorship ? Such remarks only shed baseless suspicions on Q4OS and make a hidden pressure. We dislike discussing such a confrontational way.
Since the forum rules state
Posts that discourage people from using Q4OS will be removed
, I can only view
Your posts give an aggressive impression and could discourage users from using Q4OS
as a threat.
And since I don't think that my
posts give an aggressive impression and could discourage users from using Q4OS
, the only reason I see for such a threat would be preventing me from asking certain questions.
If such was not your intention, then all the better. No harm, no foul
We consider most of your questions rather legitimate, although they could be set by a less aggressive and mistrustful form. We will address them. As we dedicate most of our time to important development tasks, it will take some time. We will open a separate topic for that purpose.
Again, I really don't think I was being aggressive, but I'm afraid I cannot deny that my unease is making me mistrustful.
Please take as much time as you need to address my questions, it is not my intention to stall development.
And if any of my questions do not seem legitimate, please feel free to skip those and I will try to put them differently.
We are just a small team of individuals, the core team counts 3 people at the moment. No company holds or manages the Q4OS project at the moment, although we would love some potential sponsors and strong patrons.
But you are selling installation media and commercial support. Right? You are trying to promote your product and services to businesses, if not to individuals. Q4OS is not a purely altruistic exercise or a byproduct of teaching yourself Debian. That is what I mean by Q4OS the company, as opposed to Q4OS the product by which I mean the distro itself.
Offline
Hi folks,
following this discussion with great interest.
I completely agree with what @user says and cannot understand the reaction of @q4osteam.
I can confirm that there are many people out there sharing very similar questions @user described in detail.
Hope, that @q4osteam will provide a serious answer - good luck
Offline
Again, the pure questions themselves are contributive and they will be addressed. It can help Q4OS become more transparent and trustfull.
Offline
1) Why is Q4OS' source code only available upon request?
We consider more advantageous to us to provide source code on request. If you want to get some more info,
read ... https://www.q4os.org/forum/viewtopic.php?id=4273
We answer step by step as we are busy with another quite important agenda. The next question a bit later
Offline
We consider most of your questions rather legitimate, although they could be set by a less aggressive and mistrustful form. We will address them. As we dedicate most of our time to important development tasks, it will take some time. We will open a separate topic for that purpose.
Followed the discussion, too, and the above acknowledgement feels both rather promising and totally satisfactory from where I stand.
OTOH, I do agree user's tone comes across as quite confrontational -- but, from what I have seen in various forums around the web, it seems to be the new normal...
Offline
from what I have seen in various forums around the web, it seems to be the new normal...
...along with the old normal:
https://en.wikipedia.org/wiki/Sock_puppet_account
Offline
Agree with both detoo and Midas.
Q4OS Aquarius 5.x KDE HP Elitedesk 705 G4 Mini - Ryzen 5 2400g, 16gb ddr4, 1tb m.2 nvme ssd
Offline
Hi folks,
......I can confirm that there are many people out there sharing very similar questions @user described in detail....
Evidence please.
Offline
2a) How much does Q4OS add to, remove from and alter Debian's source code ?
https://www.q4os.org/forum/viewtopic.ph … 691#p23691
to be continued ...
Offline
I can confirm that there are many people out there sharing very similar questions @user described in detail.
I have no idea how many people share my concerns, but one would certainly hope that I am not the only one.
Ad 1) Why is Q4OS' source code only available upon request?
https://www.q4os.org/forum/viewtopic.php?id=4273We answer step by step as we are busy with another quite important agenda. The next question a bit later
Thank you. And as I said, take your time
OTOH, I do agree user's tone comes across as quite confrontational
It's funny in a sad kind of way. I was actually considering whether I should give a conditional apology just in case I was actually too blind to see my own alleged "aggresive" and "confrontational" tone, until I saw detoo and crosscourt's comments.
But now I wouldn't at all surprised if Sand is actually one of their sockpuppets, trying to set me up. If they are even different users themselves, that is. For all I know both of them are Q4OS developers, or even a single one.
And the same could be true of bin as well. In theory, even of you. Wouldn't that be funny? Me talking to five different people, but actually its just the two of us...
You know what, nevermind. Thanks for your time, Q4OSteam, but don't bother answering the questions for my benefit. Maybe Sand still wants them answered, if they're a real person. I personally think it would probably be in your best interest to answer them regardless. But who cares what I think about anything, right?
I'm fed up with having my very real concerns shutdown, evaded and ridiculed with false accusations of being "aggressive" and "confrontational", and while the same people/person telling me "no one is forcing [me] to use Q4OS" falsely accuses me of using sock-puppet accounts.
So if your goal was to make me stop using Q4OS, any of you (if you aren't one and the same person), then congratulations, you've done it. I wash my hands of it and of all of you. Goodbye.
Last edited by user (2022-11-05 23:37)
Offline
All in all, Q4OS users can only benefit from the answers, we will continue addressing questions one by one.
Offline
So if your goal was to make me stop using Q4OS, any of you (if you aren't one and the same person), then congratulations, you've done it. I wash my hands of it and of all of you. Goodbye.
Good riddance to the troll!! Au revoir. Auf Wiedersehen. Arrivederci!!
As an aside, to the Q4OS team, you should sticky the "Q4OS source code" thread so that it's always visible.
Last edited by tlmiller76 (2022-11-06 19:50)
Q4OS Trinity machine - Crelander E160. Intel Celeron N5105, 16GB LPDDR4, 512GB m.2 SATA SSD, Intel UHD graphics, Intel 7265 Wifi 5 + BT 4.x, 16" 3072x1920 LCD.
Offline
LOL!! What a farce and yes goodbye troll. Actually it might be best to create an area on the main page with links to info about the source code and any other relevant info the devs feel comfortable releasing to users.
Q4OS Aquarius 5.x KDE HP Elitedesk 705 G4 Mini - Ryzen 5 2400g, 16gb ddr4, 1tb m.2 nvme ssd
Offline
As an aside, to the Q4OS team, you should sticky the "Q4OS source code" thread so that it's always visible.
Actually it might be best to create an area on the main page with links to info about the source code and any other relevant info the devs feel comfortable releasing to users.
We don't want to create sticky threads on the forum except for the absolute necessary information. Instead, we will assemble the source code thread as a documentation available here https://www.q4os.org/documents.html , as @crosscourt suggests.
Offline
2b) What about packages?
It's a bit vague question, we are trying to answer as good as understand it in the given context.
https://www.q4os.org/forum/viewtopic.ph … 711#p23711
Offline