lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20230907184922.GD701295@mit.edu>
Date:   Thu, 7 Sep 2023 14:49:22 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Jon Maser <jonmaser8@...il.com>
Cc:     LKML <linux-kernel@...r.kernel.org>
Subject: Re: would a linux kernel news group benefit the linux kernel?

On Thu, Sep 07, 2023 at 04:56:08AM -0700, Jon Maser wrote:
> under the guise that it would be used, it would allow discussion, file
> sharing (down to distribution isos) and it should not be hosted on the
> typical charge for use nntp servers on the internet, which hold
> questionable media.
> 
> the problem is it would cost money to host all the files and deal with
> all the traffic and internet noise, so im just throiwng that out there
> incase the linux developer world would like, news.linuxfoundation.org
> to host files like that.
> 
> and yeah, all youd need to do is download a news client such as pan,
> enter in server info and read/download/post
> 
> just a novelty, but could be useful

It is already possible to read LKML using an NNTP client[1].  See [2]
and [3] for more details.  It's a read-only mirror, so you can't post
from your NNTP client, and it means all of the message size
limitations of vger.kernel.org still apply.  So it really depends on
what your goals are for having something like this.

[1] nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel
[2] https://lore.kernel.org/lkml/_/text/help/
[3] https://brennan.io/2021/05/05/kernel-mailing-lists-thunderbird-nntp/

Furthermore, we already have a way for to share files via
www.kernel.org.  It requires a kernel.org account, but that can be
considered a feature, since the last thing you want is the KGB or the
Ministry of State Security to post a "distribution iso" that is trojan
horsed to a fare-thee-well.  So having good accountability of who can
share files is a good thing, and the free-for-all "what,
authentication, me worry?" philosophy of Usenet is a time that I
recall with fondness back in the 1980's, but it's not clear it's well
suited for the security requirements of today.

Cheers,

						- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ