The Washington Post published an article today which describes the ongoing tension between the security community and Linux kernel developers. This has been roundly denounced as FUD, with Rob Graham going so far as to claim that nobody ever attacks the kernel.
Unfortunately he's entirely and demonstrably wrong, it's not FUD and the state of security in the kernel is currently far short of where it should be.
[Here is] an example. Recent versions of Android use SELinux to confine applications. Even if you have full control over an application running on Android, the SELinux rules make it very difficult to do anything especially user-hostile. Hacking Team, the GPL-violating Italian company who sells surveillance software to human rights abusers, found that this impeded their ability to drop their spyware onto targets' devices. So they took advantage of the fact that many Android devices shipped a kernel with a flawed copy_from_user() implementation that allowed them to copy arbitrary userspace data over arbitrary kernel code, thus allowing them to disable SELinux.
(Score: 4, Insightful) by linkdude64 on Wednesday November 11 2015, @11:03PM
Certainly not any moreso than the majority of comments "SJWs" make about most of their gripes. Extremism is the problem here, not a particular ideology; rejecting any statement outright based on buzzwords alone is hasty, IMO. Either way, this is offtopic.
(Score: 1, Offtopic) by Tork on Wednesday November 11 2015, @11:41PM
🏳️🌈 Proud Ally 🏳️🌈
(Score: -1, Flamebait) by Anonymous Coward on Wednesday November 11 2015, @11:53PM
Fuck off. Go suck on some transgendered freak's plastic dildo dick.