@arraybolt3 @vkc It's possible this is an issue, but having read the thread the overwhelming impression I get is of people trying to shove effort onto the developer, and being unwilling to help. There are comments that most of the blobs have now located scripts for building, and a comment within the last day that the GRUB related blobs are from other distributions. I'm not seeing anyone e.g. doing a CRC check on the blob vs other sources, or submitting diffs to fetch the files from another project.

The latest comment takes the biscuit 'I promise that as soon as this gets satisfyingly fixed and the worries come down, I'm becoming a regular financial contributor. and I'm sure many in the thread will dot the same.'

haha. hahahahahahahaha. bonk. They tried that before, it didn't work.

Good point on the CDROM emulator though, I use a Zalman VE300 for that purpose.

@vkc @arraybolt3 Meh, I wouldn’t really say they’re ignoring it. Ventoy’s last commit itself was 2 months ago, and the issue isn’t much older than that. The binary blobs need to go, sure, but it’s not like anyone complaining is opening a pull request for that.

This is a foss project, the dev isn’t being paid for it or anything so maybe let’s just not reproduce the foss negativity we all complain about? They’re in no way obliged to respond as quickly as anyone wants, you know?

Instead of accusing without proof and recommending a closed source expensive hardware alternative (and btw the same proofless accusation could be made here, saying people are attacking #ventoy just to recommend a backdoored closed source alternative…) maybe someone could actually build those binaries and make sure they are the same? And while they’re at it document the building processes so someone can make a PR removing those blobs from Ventoy’s source.

The suspiciously enthusiast fanboys are weird tho…

@arraybolt3@theres.life @vkc@linuxmom.net The comments may look like a replay of the Jia Tan incident, but it isn't like forcing someone to hand out their maintenance role to another like last time. I can see where those people are coming from, because just like them, I'm somewhat a Ventoy fan booting several ISOs for system installations and repairs. If I watched her video, I'm likely to leave a comment on why leaving Ventoy out too, and I also see avid fans of certain pieces of products bombarding recommendations when they see a list doesn't contain what they love.
The solution you recommended requires purchasing a separate piece of hardware is sadly not feasible in a broader context. Where thumb drives could be obtained relatively cheaply, those pieces of hardware you recommended cost around 50 euros for a single one. On the cost front alone, the temporary solution offered isn't likely to attract a crowd of any significance.
I must admit however the binary blobs are indeed quite questionable, as I also went through the nightmare of manually downgrading the packages on a fleet of servers myself during that xz incident, writing a call-out post after that. I can't say I'll be stopping using Ventoy at all in the foreseeable future until another all-software solution makes its scene, but I'll keep this disturbing fact in mind.

Edit: Sifting through the comment section, I found @attilax@framapiaf.org mentioning MultiSystem (use machine translation if you cannot read French), which was sadly discontinued over two years ago.