1 |
On Fri, May 12, 2017, at 16:38, Alex Efros wrote: |
2 |
> Hi! |
3 |
> |
4 |
> On Fri, May 12, 2017 at 09:10:43PM +0200, "Tóth Attila" wrote: |
5 |
> > Please take a look at on the reply of PaxTeam postend on the openwall |
6 |
> > mailing list: |
7 |
> > http://openwall.com/lists/kernel-hardening/2017/05/11/2 |
8 |
> |
9 |
> What's for? It's pointless. Only very few people are really interested |
10 |
> (i.e. not just curious) in knowing who is paid by which company for doing |
11 |
> what, who makes more real bugs, and who lies about something. |
12 |
> |
13 |
> The important questions about how to keep current level of protection for |
14 |
> individual/small business users and how users of some distributions like |
15 |
> Gentoo/Ubuntu/Android can be protected with GrSec/PaX are still |
16 |
> unanswered. |
17 |
> |
18 |
> While large companies may buy subscription for GrSec/PaX the mentioned |
19 |
> above categories of users can't (correct me if I'm wrong, please) - so |
20 |
> effectively the change in GrSec policy makes harm and punish mostly these |
21 |
> categories of users. If that's real GrSec/PaX goal - it's very sad but |
22 |
> they probably have rights to do this (except their public reasoning |
23 |
> doesn't match what they actually do, so probably there are some unsaid |
24 |
> reasoning exists too), but if it's not their real goal - then they |
25 |
> probably should provide some options for these categories of users too. |
26 |
> |
27 |
> -- |
28 |
> WBR, Alex. |
29 |
|
30 |
Individuals can certainly request a quote -- I did -- their director of |
31 |
sales is very patient, considerate and accommodating. Unfortunately the |
32 |
price is quite a bit more than I can personally afford at present. |
33 |
|
34 |
|
35 |
I don't personally doubt PaXteam/Spenders stated reasoning. It appears |
36 |
they've encountered a quite aggravating situation with what may amount |
37 |
to plagiarists. The post Dr. Toth linked closely mirrored what I |
38 |
initially anticipated from observing kspp and the like from afar. I |
39 |
think they're in a crap situation and what they've done is one of the |
40 |
better of several bad options. |
41 |
|
42 |
|
43 |
So, I am considering the costs of alternative control environments for |
44 |
my personal systems, perhaps it will be worth the quoted price after all |
45 |
once I've assessed options. |
46 |
|
47 |
But, point being, if paying is not out of the question I think you |
48 |
should request a quote. |
49 |
|
50 |
|
51 |
-- |
52 |
0x7D964D3361142ACF |