If an untrusted user is sitting at the console of a sudoer account, armed with its password, all is lost and any security has effectively been defeated already. While I do understand the concern it seems like something of a moot point.

It’s not like it’s a proprietary blob. No one is stupid enough to accept a proprietary security blob from Microsoft.

Moreover, if you click through to the article, you see that this module entirely concerns eBPF, which is essentially unused outside of corporate servers (and Android phones) in the first place and is therefore barely our business to begin with.

Okay, I’m not a fan of this either but let’s not get too worried about this. Everyone’s known Ubuntu is a joke for a long time and they don’t really have much influence on even several of their downstreams, let alone the rest of the ecosystem.