Malicious startups can’t survive in the catalogue of the EU comission. In it there are certainly also commercial solutions, but mostly FOSS, OSS and FLOSS. The reason is to recover the sovereign from the US hegemony of the big companies in the web. Respect EU OS, there are in the focus several distros:

Arcolinux of Belgium

Slax of the Czech Republic

Exherbo of Denmark

Daphile of Finland

Manjaro, Lubuntu, Mageia France

Manjaro, OpenSUSE, Haiku, Knopix of Germany

AntiX and MXlinux of Greece

Linux mint, Zorin, Solus Ireland

Endeavour and NixOS of the Netherlands

Alpine Linux Norway

SparkyLinux of Poland

Void of Spain

CRUX of Sweden

Kali Linux Switzerland

FerenOS, UK

https://european-alternatives.eu/alternatives-to

https://european-alternatives.eu/categories

But if you trust more the US soft and services, use these and the malicious soft from there, without the rights and privacy of the EU but those from Trump and Musk.

Seems Fedora & KDE

FOSS is already stale for a long time by large corporations (Google, Microsoft, Meta, Amazon, X, etc), all of these with own developments of FOSS, these are not affected by this cuts for OpenSource proyects, but small startups, individual devs and small companies and oprganisations. It’s not against FOSS, it’s about control and clear against freedom.

Fuck the US https://interoperable-europe.ec.europa.eu/eu-oss-catalogue

If a soft or service is trustworth or not, only depends on the author and the community behind. Nothing worse and dangerous than a software unattended or abandoned by the author, more so if it is OpenSource, where it is easier than in closed source that an asshole add or modify some lines as a little gift,when there is nobody to control it. FOSS is great in new projects, because allow to an coope developement and the access of needed resources, but it isn’t necessarly sinonym of privacy and security, most APIs included in a huge amount of soft are OpenSourcemade by big companies, like Google, Microsoft, Facebook, Amazon and others and not precisely because privacy. Adding also a huge amount of FOSS made by these companies. The normal user only can relay on the TOS and PP, or audit the product with Blacklight, WebbKoll, DomainDigger and similar.