| 1 |
Hi! |
| 2 |
|
| 3 |
On Sun, Apr 30, 2017 at 01:55:16PM +0200, SK wrote: |
| 4 |
> And it's not about money from what I've read, should read this if you |
| 5 |
> want some more information : |
| 6 |
|
| 7 |
If it's all just about credits, ego and personal conflict with LF - when |
| 8 |
they the hell it affects everybody else? AFAIK Gentoo Hardened and |
| 9 |
probably most other distributions which use GrSec/PaX have nothing with |
| 10 |
all of this. Wanna say "fuuuu" to LF? No prob, change license to say only |
| 11 |
listed Linux distributions may continue using GrSec/PaX for free. |
| 12 |
This will makes it very clear sign of LF doesn't control GrSec/PaX and |
| 13 |
doesn't punish end-users who has nothing with LF and that conflict. |
| 14 |
|
| 15 |
|
| 16 |
But my original question has nothing with all of this. I was asking how it |
| 17 |
possible for security-concerned people like GrSec/PaX developers to make |
| 18 |
decisions which will leave vast majority of Linux systems less protected |
| 19 |
than they are now? No matter because of that - money, credits, ego… - |
| 20 |
none of these worth such a high damage to the world. And is it possible to |
| 21 |
somehow minimize that damage. That's it. |
| 22 |
|
| 23 |
|
| 24 |
P.S. I'm Linux user since 1994. And since that time I hear about LF twice: |
| 25 |
read in news when it was created… and yesterday. That's because I'm doing |
| 26 |
real work instead of playing politics. One may name it ignorance instead |
| 27 |
and tell me if I leave politics alone it doesn't means politics will leave |
| 28 |
me alone too… and that's true, of course. But at the end of day there is |
| 29 |
no such thing as abstract politics, it's always about concrete people |
| 30 |
making concrete decisions. And here we've very concrete GrSec/PaX |
| 31 |
developers making very concrete decision to harm overall world security. |
| 32 |
|
| 33 |
P.P.S. Leave NSA alone for the moment, because if it's all NSA then all we |
| 34 |
can do is to hope Google or anyone else who has enough resources and good |
| 35 |
will will just fork GrSec/PaX and continue developing it under GPL2. |
| 36 |
And this discussion then doesn't makes any sense. There is a very small |
| 37 |
but still non-zero chance my posts will change GrSec/PaX developers mind |
| 38 |
about all of this, but none I can say may affects Google's decision to |
| 39 |
fork or not to fork. |
| 40 |
|
| 41 |
Also, if it's NSA case, next step will be to add backdoor into GrSec/PaX |
| 42 |
(I suppose everyone realize that) which will eventually ruin Open Source |
| 43 |
Security Inc. business anyway. So I just choose to believe this isn't the |
| 44 |
case and no matter how strong NSA may push on them they didn't give up. |
| 45 |
And all what's happens now has nothing with NSA. |
| 46 |
|
| 47 |
-- |
| 48 |
WBR, Alex. |
Archives