[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <28315c204184b212a3a60cdd393c3fd3@redchan.it>
Date: Wed, 23 Jan 2019 22:28:45 +0000
From: linuxgpletc@...chan.it
To: Ivan Ivanov <qmastery16@...il.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
freebsd-chat@...ebsd.org, misc@...nbsd.org,
gentoo-user@...ts.gentoo.org, rms@....org, esr@...rsus.com
Subject: Re: GRSec is vital to Linux security
On 2019-01-23 20:46, Ivan Ivanov wrote:
> Interesting point of view. Well, to be honest it seems to me that
> Linux kernel sacrifices the security for the sake of progress, so it
> is quite bloated at the moment and I am not sure that even GRSecurity
> could fix it. Linux really needs to stop adding new features and
> refactor itself to a smaller and more secure codebase before going
> forward. Maybe 1 year break would be nice.
This man speaks the truth. The constant flux reintroduces long-fixed
bugs, like a constant inflowing tide. The code can never be stabilized
due to the endless needless work of the worker-bee wage-slaves. Thus the
code always has new hidden security errors.
GRSecurity can barely keep up.
A "feature" of the wage-slave era of Linux, that we did not have in the
Hacker era of Linux (the people targeted by the CoC, who actually
created the land where the wage-slave code churners now graze)
"Free" workers from for-profit and government connected enterprises do
not come with no-strings-attached, and the enterprises are not stupid:
they refactor to get their way if an initial strategy isn't working.
The only real flux of any significant magnitude that should occur is
with the addition of new drivers. Instead code is ripped out and
replaced everywhere for little to no real gain.
That being said... GRSecurity's GPL violation is the most blatant
upfront violation of the GPL I've ever seen (they put it in writing and
don't try to hide it (you redistribute, we punish you)).
They also do not deal with small businesses or people who would like to
purchase a "license" from them. Only large businesses and government
contracts.
They're afraid that a small company would pay for 1 server "license" and
then release the code, I think.
Some people wonder why hasn't anyone penetrated their Download server
and stolen the code back and released it?
Maybe because GRSecurity knows what they're doing. If it were hosted on
a vanilla linux server, it would be out by now.
Remember: it's been well over a year. Not one leak of the code, not one
penetration, nothing. They know how to secure a linux machine. Linus
does not. He just allows endless useless flux, barely manages the
project, places it all in the hands of the wage-slaves (who simply do
their job for their company, not for the betterment of the thing (no
passion)) and ousts the old Hackers who built the thing with Linus from
the ground up originally.
Legal action could be taken to stop GrSecurity's blatant violation; one
could atleast sue for the profits. It is a non-seperable work, they are
violating the "no additional restrictions" rule, in writing. They
violated the copyright - it's as simple as that in the end.
No one does a thing. Ofcourse the wage-slaves do not: they don't own
their own code and don't have agency even over their own lives anyway.
Their bosses could do something though, the companies that own the
wage-slave's code. The Hackers, who's code still resides in the linux
kernel AND/OR who's code was a predecessor of current code (even if it
is not the same as their original code) also have standing.
Nothing is done. It's as if the GPL is just worthless trash. It has not
stopped GRSecurity from closing their derivative work of the kernel and
threatening anyone who would redistribute the non-separable derivative
work. They just laugh at Linus, the Hackers, and especially the
wage-slaves.
Didn't someone once say "Linux will be free forever" (hint: Lawrence
Rosen). A piece of Linux isn't now... It hasn't panned out in reality.
Powered by blists - more mailing lists