lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1644432842.140359.1730824451296@fidget.co-bxl>
Date: Tue, 5 Nov 2024 17:34:11 +0100 (CET)
From: Dylan ‎ ‎ <falaichte@...lfence.com>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: linux-kernel@...r.kernel.org, gregkh@...uxfoundation.org,
	torvalds@...ux-foundation.org
Subject: Re: Russians in the Kernel

> For another,
any proxy set up to bypass the sanctions that really exist (i.e.
based on employment by sanctioned companies) would fall under the
same sanctions.

You could make the argument that sanctions as per the laws of the United States is itself unconstitutional as it impedes people's right to freedom of assembly. Even then, there is still the point that the Linux kernel and similar open source projects are transnational communities and by prohibiting access to participation you aren't respecting the spirit of free and open source software. Where anyone may participate regardless of their walk of life. I can understand not wanting to incur the wrath of the American government and that it is better to comply in some cases than make a stand as has been the case with Nintendo and emulation. I just simply don't like the amount of governmental overreach with that particular executive order and believe that it should be undermined wherever legally possible. 

Though I'll understand if the idea does end up getting anywhere. I just thought that it was worth sharing nonetheless.

> For another, you really don't want to set anything with even
the slightest whiff of "that's how to hide patch origin and/or
evade review" - that's an open invitation to any organization
that wants to feed something underhanded into the kernel.
Won't be a healthy place to hang around, to put it very mildly.

The difference is that it would all be above board with the intermediary acting as a buffer between those targeted by sanctions and the work they've done. It's all open source anyway, so there's nothing that can be done if their source code was forked and then used upstream in a patch series.

-- 
Sent with https://mailfence.com  
Secure and private email

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ