
posted by mrpg on Tuesday November 21 2017, @05:00AM
from the yes-but-be-nice dept.

Linux overlord Linus Torvalds has offered some very choice words about different approaches to security, during a discussion about whitelisting features proposed for version 4.15 of the Linux kernel. Torvalds' ire was directed at open software aficionado and member of Google's Pixel security team Kees Cook, whom he has previously accused of idiocy. Cook earned this round of shoutiness after he posted a request to "Please pull these hardened usercopy changes for v4.15-rc1."

[...] Torvalds has long been unafraid to express himself in whatever language he chooses on the kernel and has earned criticism for allowing it to become a toxic workplace. He's shrugged off those accusations with an argument that his strong language is not personal, as he is defending Linux rather than criticising individuals. On this occasion his strong language is directed at a team and Cook's approach to security, rather than directly at Cook himself. It's still a nasty lot of language to have directed at anyone.

Some 'security people are f*cking morons' says Linus Torvalds

[Reference]: [GIT PULL] usercopy whitelisting for v4.15-rc1
[Linus' Response]: Re: [GIT PULL] usercopy whitelisting for v4.15-rc1

  • (Score: -1, Troll) by MichaelDavidCrawford on Tuesday November 21 2017, @05:03AM (21 children)

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Tuesday November 21 2017, @05:03AM (#599544) Homepage Journal

    Some right chap who harassed two black women - one in a hijab - then murdered two men who came to their defense, and grievously wounded a third, explained at his arraignment that he was not guilty because he was just "defending America".

    --
    Yes I Have No Bananas. [gofundme.com]
    • (Score: 5, Insightful) by The Mighty Buzzard on Tuesday November 21 2017, @05:25AM (20 children)

      by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Tuesday November 21 2017, @05:25AM (#599547) Homepage Journal

      Yeah, no. Linus is absolutely correct. You don't write additional code to stop the exploitation of known bugs and leave the bugs in. Writing code to stop unknown bugs from being exploited is all fine and good but if you know about them you fix the damned things instead of slapping a band-aid over the top of them.

      --
      My rights don't end where your fear begins.
      • (Score: 5, Funny) by RS3 on Tuesday November 21 2017, @06:18AM (15 children)

        by RS3 (6367) on Tuesday November 21 2017, @06:18AM (#599561)

        Wait, you mean MS is doing it wrong?

        • (Score: 5, Insightful) by aristarchus on Tuesday November 21 2017, @06:59AM (14 children)

          by aristarchus (2645) on Tuesday November 21 2017, @06:59AM (#599566) Journal

          This is the end. The Apocalypse. Götterdammerung. Raganorak. Runaway posted something spot on and righteous. khallow did something near the same, for khallow. And Now you tell me that The Mighty Buzzard, his own self, is saying something so true that it makes blue dog democrats and yellow dog republicans agree! Well, hush my puppies! And these are not "Sad Puppies", they are in fact "Hushpuppies". [myrecipes.com] I am going to have to retire, if this keeps up.

          • (Score: 3, Informative) by Anonymous Coward on Tuesday November 21 2017, @08:25AM (5 children)

            by Anonymous Coward on Tuesday November 21 2017, @08:25AM (#599582)

            Götterdämmerung

            FTFY

            • (Score: 4, Funny) by aristarchus on Tuesday November 21 2017, @08:43AM (1 child)

              by aristarchus (2645) on Tuesday November 21 2017, @08:43AM (#599583) Journal

              Sure, here I am, misspelling the downfall of the gods and the end of the world in hopes of putting it off a bit, and you have to be so helpful as to correct me? Now you've done it, and it is all on you and not on me! This whole Nibiru affair, it is on this AC right here! Not me! I tried to warn you! But would you listen? It was all "it's only aristarchus again, when has he ever been right?" Except, you remember that whole heliocentric thing? Sizes of the Moon and Sol? And how there could be no Nibiru? Oh, how quickly they forget, and how often. Fortunately, Greek Gods do not do the dämmerunging thing. They are immortal. Which is probably why Greece is doing just fine while Germany's government has just suddenly dämmerung'ed. German German-spelling Nazis, anyway. After Ragnorak, who needs an umlaut any way? Ümlaut, or Umläut, anyway?

              • (Score: 2) by AthanasiusKircher on Wednesday November 22 2017, @02:28AM

                by AthanasiusKircher (5291) on Wednesday November 22 2017, @02:28AM (#600015) Journal

                You and that damn heliocentrism thing. Always gloating. Except where's the proof? Some "lost" treatise? Likely story. Everyone says you said it, but what if it's all just fake news?! People tweeting on their papyri...

            • (Score: 1, Touché) by Anonymous Coward on Tuesday November 21 2017, @08:43AM (2 children)

              by Anonymous Coward on Tuesday November 21 2017, @08:43AM (#599585)

              Göttërdämmërüng

              There, FTFY

              • (Score: 2) by aristarchus on Wednesday November 22 2017, @07:13AM (1 child)

                by aristarchus (2645) on Wednesday November 22 2017, @07:13AM (#600078) Journal

                That, my dear and fluffy soylentil, is an umlaut too far! Remember, as the Great TMB said when he implemented it: "With great unicode comes great responsibility."

          • (Score: 2) by Aiwendil on Tuesday November 21 2017, @09:06AM (3 children)

            by Aiwendil (531) on Tuesday November 21 2017, @09:06AM (#599588) Journal

            Huh, funny, didn't know Hushpuppies was a pastry, I only knew that term as a reference to guns with silencers (in particular Smith & Wesson Model 39 Mk 22 Mod 0 [wikipedia.org] (search for: hush)).

            Learned something new and potentially useful today, thanks.

            (Also - Ragnarök)

            • (Score: 3, Informative) by aristarchus on Tuesday November 21 2017, @10:13AM (2 children)

              by aristarchus (2645) on Tuesday November 21 2017, @10:13AM (#599602) Journal

              Oh, great, now we have umlauted in both German and Norse! This will certainly bring the apocalypse (that's greek, by the way, ἀποκάλυψις, the "falling down", or "away", not sure which) upon SoylentNews! In times, or ends of times, like these, I recommend spirits, especially Ouzo.

              • (Score: 2) by c0lo on Tuesday November 21 2017, @03:13PM (1 child)

                by c0lo (156) Subscriber Badge on Tuesday November 21 2017, @03:13PM (#599674) Journal

                especially Ouzo.

                But of course magister.
                At +30C, no other spirit works better - except, once in a while, some Cuban rum (if one mixes it well with jazz).

                --
                https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
                • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @05:53PM

                  by Anonymous Coward on Tuesday November 21 2017, @05:53PM (#599751)

                  I'll only use Ouzo as a substitute for Absinthe if I can't get any and want the visual appeal of the anise louche.

          • (Score: 4, Funny) by kazzie on Tuesday November 21 2017, @09:24AM (1 child)

            by kazzie (5309) Subscriber Badge on Tuesday November 21 2017, @09:24AM (#599590)

            That's the final great battle of people wearing raincoats, right?

            • (Score: 3, Funny) by pendorbound on Tuesday November 21 2017, @02:35PM

              by pendorbound (2688) on Tuesday November 21 2017, @02:35PM (#599651) Homepage

              I just like to take this moment to thank the admins for bringing proper Unicode support to slashcode. Without their forethought and benevolence, dē𐌴ᚹ å𐌽d ⲙéàⲛ¡ngfül dèbÅⲧཇs Տüçᚺ äs ϯh¡Ⴝ øႶe wºùld Σïოpl¥ ᥒØᝨ ᜐε pøssiblé.

          • (Score: 2) by G-forze on Tuesday November 21 2017, @04:14PM (1 child)

            by G-forze (1276) on Tuesday November 21 2017, @04:14PM (#599706)

            Raganorak

            Ragnarök

            Let's not postpone the inevitable any more than we have to. ;)

            --
            If I run into the term "SJW", I stop reading.
            • (Score: 3, Funny) by Azuma Hazuki on Tuesday November 21 2017, @10:03PM

              by Azuma Hazuki (5086) on Tuesday November 21 2017, @10:03PM (#599906) Journal

              Raganorak is the trainspotters' apocalypse then? The Teatime of the Timetables?

              --
              I am "that girl" your mother warned you about...
      • (Score: 2) by edIII on Tuesday November 21 2017, @07:06AM (1 child)

        by edIII (791) on Tuesday November 21 2017, @07:06AM (#599569)

        Having read his response, the only thing I disagree with is his ideology that seemingly *only* allows for fixing bugs to increase security. Security is layered, and defense in depth should always be a good goal. Unless I misunderstood what he was trying to say:

        As a security person, you need to repeat this mantra:

        "security problems are just bugs"

        and you need to _internalize_ it, instead of scoff at it.

        The important part about "just bugs" is that you need to understand
        that the patches you then introduce for things like hardening are
        primarily for DEBUGGING.

        I'm not at all interested in killing processes. The only process I'm
        interested in is the _development_ process, where we find bugs and fix
        them.

        As long as you see your hardening efforts primarily as a "let me kill
        the machine/process on bad behavior", I will stop taking those shit
        patches.

        Otherwise I agree with you about the band-aid.

        --
        Technically, lunchtime is at any moment. It's just a wave function.
        • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @07:51AM

          by Anonymous Coward on Tuesday November 21 2017, @07:51AM (#599573)

          What I got out of it was something rather different.

          "Security problems" in this context are not design problems. "Security problems" are specific, identified bugs. As such, for this type of "security problem" the proper response is in fact to address the bug, not to change fundamental kernel behavior.

          Now, there can easily be "security problems" in a more broad sense, e.g. "the way the kernel currently does things is dangerous and we need to come up with a better way." These are design problems, and may warrant a more large-scale response. But those should be properly developed over time and people should be warned in case it breaks software so problems can be addressed in advance, rather than after an automatic update goes horribly awry. Addressing a bug in a patch should not result in fundamental redesign more or less on the fly, which seems to be what was done by the programmer Linus is irate with. This patch seemed to make things secure by throwing anything that might even potentially cause a violation under the bus, on the assumption that this is without question the best and only acceptable solution and anything that it disrupts is indisputably expendable. Clearly, it is not necessarily so unquestionable or indisputable after all.

          A major problem is that some security people are willing to sacrifice anything and everything in the name of perceived short-term security. I think this was one of those situations.

      • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @03:08PM (1 child)

        by Anonymous Coward on Tuesday November 21 2017, @03:08PM (#599669)

        Being right doesn't make him any less of a narcissistic asshole. He is right about not leaving a bug in and working around it, but his attitude that he's being an asshole for Linux just smacks of rationalization.

        • (Score: 3, Insightful) by tangomargarine on Tuesday November 21 2017, @03:54PM

          by tangomargarine (667) on Tuesday November 21 2017, @03:54PM (#599704)

          You have to be a bit rude from time to time to get anything done. How much varies depending on who you're working with.

          Now obviously it's a different question if you *enjoy* being rude to people. But you'll excuse me if I don't trust you to make that diagnosis, Mr. Armchair Psychologist.

          --
          "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
  • (Score: 4, Insightful) by MostCynical on Tuesday November 21 2017, @05:36AM (10 children)

    by MostCynical (2589) on Tuesday November 21 2017, @05:36AM (#599551) Journal

    being right doesn't stop him being a rude pain in the arse (ass)

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
    • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @05:45AM (3 children)

      by Anonymous Coward on Tuesday November 21 2017, @05:45AM (#599553)

      I've just realised something.

      Hold onto your hats, guys, this is big.

      If you don't like Linus, you can ... choose not to deal with him.

      I know, it's crazy-pants talk, I know, but I'm pretty sure this is how this one works.

      • (Score: 2) by DannyB on Tuesday November 21 2017, @04:31PM (2 children)

        by DannyB (5839) Subscriber Badge on Tuesday November 21 2017, @04:31PM (#599710) Journal

        Your solution is too radical. Heroes and Villains must be pure black or pure white. No gray. Congress should mandate wearing of pure black or white clothing as a visual aid.

        --
        People today are educated enough to repeat what they are taught but not to question what they are taught.
        • (Score: 1, Funny) by Anonymous Coward on Tuesday November 21 2017, @09:30PM (1 child)

          by Anonymous Coward on Tuesday November 21 2017, @09:30PM (#599888)

          I'm true neutral, you insensitive clod!

          • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @03:56AM

            by Anonymous Coward on Wednesday November 22 2017, @03:56AM (#600033)

            You can combine them in a striped pattern. [wikipedia.org]

    • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @07:01AM (1 child)

      by Anonymous Coward on Tuesday November 21 2017, @07:01AM (#599567)

      Linus, TMB, or MDC? I am having a hard time keeping track.

      • (Score: 2) by MostCynical on Tuesday November 21 2017, @07:29AM

        by MostCynical (2589) on Tuesday November 21 2017, @07:29AM (#599571) Journal

        I didn't specify, but will claim that I was (trying to be) on-topic.
        :-)

        --
        "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
    • (Score: 2) by crafoo on Tuesday November 21 2017, @01:34PM (2 children)

      by crafoo (6639) on Tuesday November 21 2017, @01:34PM (#599628)

      Linus cannot fire these people. If he could, maybe he would be nicer to them because he knows he won't have his team's time wasted dealing with their fantasy-land security patches. No one sends you off into the world with a guarantee that when you do something stupid you're not going to get your feelings hurt. We don't need to be spiteful or mean, but we should be able to deal with harsh criticism. Yes, that's what this is, harsh criticism. Linus provided a pretty good explanation of what they did wrong and what they need to improve, and how. Perfectly reasonable response in my opinion and I thank him for it.

      • (Score: 2) by tangomargarine on Tuesday November 21 2017, @03:52PM (1 child)

        by tangomargarine (667) on Tuesday November 21 2017, @03:52PM (#599701)

        Linus cannot fire these people.

        Maybe not, but is there any reason he couldn't just stop accepting their contributions?

        --
        "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
        • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @10:35PM

          by Anonymous Coward on Tuesday November 21 2017, @10:35PM (#599922)

          That is what he did.

    • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @08:19PM

      by Anonymous Coward on Tuesday November 21 2017, @08:19PM (#599848)

      being right doesn't stop him being a rude pain in the arse

      Who cares? No effective person is going to sit down and respectfully discuss an idea they think is completely stupid. This is engineering, not flower arranging.

  • (Score: 5, Insightful) by Anonymous Coward on Tuesday November 21 2017, @05:45AM (14 children)

    by Anonymous Coward on Tuesday November 21 2017, @05:45AM (#599552)

    They are not just some random coders, without much experience, but ones supposedly in charge of security from a vendor proud of making people jump through all kinds of hoops to get recruited (you must have heard about Google questions). Maybe they have a primadonna mentality? Well, they found the one that kicks donnas' asses. And the email has details of why the patch is rejected, not just insults. Next time they may prefer a plain "no, wrong, redo it but this time correctly... you figure what I mean, until you get it right or you give up, no more explanations from me, enjoy the quiz, keep on guessing".

    Read Linus' email yourself: https://lkml.org/lkml/2017/11/17/767 [lkml.org]

    IT IS NOT ACCEPTABLE when security people set magical new rules, and
    then make the kernel panic when those new rules are violated.

    That is pure and utter bullshit. We've had more than a quarter century
    _without_ those rules, you don't then suddenly waltz in and say "oh,
    everybody must do this, and if you haven't, we will kill the kernel".

    The fact that you "introduced the fallback mode" late in that series
    just shows HOW INCREDIBLY BROKEN the series started out.

    ...

    Because honestly, the kind of security person who doesn't accept that
    security problems are primarily just bugs, I don't want to work with.
    If you don't see your job as "debugging first", I'm simply not
    interested.

    So I think the hardening project needs to really take a good look at
    itself in the mirror.

    Because the primary focus should be "debugging". The primary focus
    should be "let's make sure the kernel released in a year is better
    than the one released today".

    And the primary focus right now seems to be "let's kill things for
    bugs". That's wrong.

    ...

    And we had this exact issue with the _previous_ user mode access
    hardening. People apparently didn't learn a goddamn thing.

    That's thin skin if with all the details about where the problem comes from (over and over it seems), you get pissed (see what I did there) about words like shit, bullshit, moron or idiotic. In other places, they will be named as "fired!!! you are fired!!!" and no need of more words.

    But it seems all now is about back stabbing while in public keeping a good baby face. Linus just puts in some colorful words while asking for solutions.
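    The distinction Linus draws above (and in the passage edIII quotes earlier in the thread) is between a hardening check that reports a violation and falls back, so the underlying bug can be found and fixed, and one that kills the kernel outright. As an added illustration, not code from the page, from Linus's email or from the kernel itself, here is a simplified, hypothetical model of a usercopy whitelist check with both policies side by side; the struct names, the sample cache values and the function names are assumptions of this example.

```c
/* Added example, not kernel code: a simplified model of a usercopy whitelist
 * check. All names and the sample cache below are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* One slab cache with a single whitelisted window: only the bytes in
 * [useroffset, useroffset + usersize) of each object may be copied to or
 * from user space. */
struct cache_model {
    const char *name;
    size_t object_size;
    size_t useroffset;
    size_t usersize;
};

enum policy {
    POLICY_FALLBACK, /* report the violation but allow the copy: a debugging aid */
    POLICY_STRICT    /* refuse the copy: the "kill on bad behaviour" stance */
};

struct check_result {
    bool violation; /* the copy fell outside the whitelist */
    bool allowed;   /* what the policy decided to do about it */
};

/* Constructed sample cache: 128-byte objects, user-accessible bytes 32..95. */
static const struct cache_model example_cache = {
    .name = "example_cache", .object_size = 128, .useroffset = 32, .usersize = 64,
};

/* True when copying `len` bytes starting at `offset` within an object of `c`
 * stays inside both the object and its whitelisted window. Every subtraction
 * is guarded so the arithmetic cannot wrap around on size_t. */
static bool in_whitelist(const struct cache_model *c, size_t offset, size_t len)
{
    size_t rel;

    if (offset > c->object_size || len > c->object_size - offset)
        return false;                /* runs past the end of the object */
    if (offset < c->useroffset)
        return false;                /* starts before the window */
    rel = offset - c->useroffset;
    if (rel > c->usersize)
        return false;                /* starts after the window */
    return len <= c->usersize - rel; /* ends inside the window */
}

/* The check itself. Under both policies the violation is reported, because
 * the report is what lets the underlying bug be located and fixed; the
 * policies differ only in whether the copy is then allowed to proceed. */
static struct check_result usercopy_check(const struct cache_model *c,
                                          size_t offset, size_t len,
                                          enum policy p)
{
    struct check_result r = { .violation = false, .allowed = true };

    if (in_whitelist(c, offset, len))
        return r;

    r.violation = true;
    fprintf(stderr,
            "usercopy: %s: offset %zu len %zu outside whitelist [%zu, %zu) (%s)\n",
            c->name, offset, len, c->useroffset, c->useroffset + c->usersize,
            p == POLICY_FALLBACK ? "allowed, fallback mode" : "refused");
    r.allowed = (p == POLICY_FALLBACK);
    return r;
}

int main(void)
{
    struct { size_t offset, len; } cases[] = {
        { 32, 64 },  /* exactly the window: fine */
        { 40, 56 },  /* inside the window: fine */
        { 0, 16 },   /* header bytes: violation */
        { 32, 65 },  /* one byte past the window: violation */
        { 96, 40 },  /* past the object itself: violation */
    };
    size_t i;

    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct check_result f = usercopy_check(&example_cache, cases[i].offset,
                                               cases[i].len, POLICY_FALLBACK);
        struct check_result s = usercopy_check(&example_cache, cases[i].offset,
                                               cases[i].len, POLICY_STRICT);
        printf("offset %3zu len %3zu: violation=%d fallback_allows=%d strict_allows=%d\n",
               cases[i].offset, cases[i].len, f.violation, f.allowed, s.allowed);
    }
    return 0;
}
```

    Running the fallback policy first, as Linus argues, yields the same violation reports without the collateral breakage; only once the reported call sites have been fixed does the strict policy stop costing anything.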

    • (Score: 4, Interesting) by Anonymous Coward on Tuesday November 21 2017, @05:55AM (8 children)

      by Anonymous Coward on Tuesday November 21 2017, @05:55AM (#599556)

      Maybe it's time Google just built their own, de novo, ground-up closed source kernel.

      I'm serious. They have the people, they have the chops, they have the cash. They want a kernel? They can have one. And they can make it as robust and demanding as they like. Hell, if they really wanted, and didn't mind it all being open sourced, they could fork Linux.

      Then they could stop having to make excuses for putting important stuff in blobs, among other factors. What's not to like?

      Not being evil? That ship sailed years ago, my friend. Years ago.

      • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @06:15AM (2 children)

        by Anonymous Coward on Tuesday November 21 2017, @06:15AM (#599560)

        Now that would be truly moronic. And they do have a kernel and OS of their own https://en.wikipedia.org/wiki/Google_Fuchsia [wikipedia.org]

        Don't use google products, they're bad for your health.

        • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @07:04AM (1 child)

          by Anonymous Coward on Tuesday November 21 2017, @07:04AM (#599568)

          Do you know why they called it "Google"? Old joke, but apropos: "Skynet" was already trademarked, in a movie.

      • (Score: 2) by crafoo on Tuesday November 21 2017, @01:27PM

        by crafoo (6639) on Tuesday November 21 2017, @01:27PM (#599627)

        I would argue they really don't have the people or the skills organized in a manner that would produce a successful kernel in a reasonable amount of time. I think the incompetence of the pixel security team illustrates this somewhat.

      • (Score: 4, Insightful) by WillR on Tuesday November 21 2017, @02:41PM

        by WillR (2012) on Tuesday November 21 2017, @02:41PM (#599652)

        they could fork Linux

        They *did* fork Linux, and it diverged enough from mainline that bug fixes couldn't be backported. That's one of many reasons Android kernel updates are a shitshow.
        They're trying to unfork themselves by upstreaming as much as they can now.

      • (Score: 3, Interesting) by Wootery on Tuesday November 21 2017, @02:42PM

        by Wootery (2341) on Tuesday November 21 2017, @02:42PM (#599654)

        closed source

        How would that help? Apple don't seem to mind the open state of Darwin, even if no-one particularly cares.

      • (Score: 2) by DannyB on Tuesday November 21 2017, @04:37PM (1 child)

        by DannyB (5839) Subscriber Badge on Tuesday November 21 2017, @04:37PM (#599714) Journal

        Maybe it's time Google just built their own, de novo, ground-up closed source kernel.

        Even poor stupid evil Microsoft has begun to recognize that open source can actually be in one's best business interest. Google realized that long ago.

        How about: Google build a ground-up[1] new open source kernel. If it mostly kept user space compatibility it could end up replacing Linux.

        A newer more modern kernel would be a huge gift to the world.

        [1] not as in to grind up, as in ground up kernels

        --
        People today are educated enough to repeat what they are taught but not to question what they are taught.
        • (Score: 2) by letssee on Tuesday November 21 2017, @09:47PM

          by letssee (2537) on Tuesday November 21 2017, @09:47PM (#599895)

          They are doing that. It's called Fuchsia, iirc. I wouldn't want to depend my life on it though, considering Google's track record for dropping projects as soon as they deem them unprofitable.

    • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @06:01AM (3 children)

      by Anonymous Coward on Tuesday November 21 2017, @06:01AM (#599557)

      Oops.

      Sorry, so fed up about how many times the "Linus used some swear words" keeps hitting the news. I guess some have to "sell tabloids" (The Register) or nobody has found something "dirty" to get rid of Linus and take over the kernel like other projects are going corporate with their "we know better than you, be happy we still let you see the source, but don't ever dream of dictating the path from now on, puny pleb coder".

      • (Score: 2) by Thexalon on Tuesday November 21 2017, @03:10PM (2 children)

        by Thexalon (636) on Tuesday November 21 2017, @03:10PM (#599672)

        I agree that part of the motivation for the occasional "Waaaaaa! Linus said something mean to me!" story is that there are people who would like Linus to go away forever. Even though in those cases where I examined the story, the chewing out was entirely deserved.

        I mean, let's just say for the sake of argument that there were somebody who thought they had a better idea for how Linux should work, and let's say that person is trying to implement their vision by forcing all other major projects to become a part of it like it or not, and let's say that Linus is preventing that vision from including the kernel in exactly the way this person would like. I could imagine somebody like that trying to push stories like this one in an attempt to undermine Linus' authority.

        * Any resemblance in the above paragraph to actual persons, living or dead, is purely intentional.

        --
        The only thing that stops a bad guy with a compiler is a good guy with a compiler.
        • (Score: 2) by DECbot on Tuesday November 21 2017, @05:21PM (1 child)

          by DECbot (832) on Tuesday November 21 2017, @05:21PM (#599733) Journal

          You leave systemd out of this!

          --
          cats~$ sudo chown -R us /home/base
          • (Score: 2) by Azuma Hazuki on Tuesday November 21 2017, @10:06PM

            by Azuma Hazuki (5086) on Tuesday November 21 2017, @10:06PM (#599911) Journal

            Would heaven that we could! Debian and RHEL both use it now, which means virtually all of Linux does. I'm sitting here with Artix (think "Arch with OpenRC" here) well content, but how many people even know other-than-systemd is even an option?

            SystemD is to init systems what early Gnome 3 was to DEs, and for most of the same reasons.

            --
            I am "that girl" your mother warned you about...
    • (Score: 2, Touché) by Anonymous Coward on Tuesday November 21 2017, @07:23AM

      by Anonymous Coward on Tuesday November 21 2017, @07:23AM (#599570)

      Worked for Pottering...

  • (Score: 1, Funny) by Anonymous Coward on Tuesday November 21 2017, @06:53AM

    by Anonymous Coward on Tuesday November 21 2017, @06:53AM (#599564)

    I'm a non-fucking moron. I don't get any.

  • (Score: 2, Insightful) by Anonymous Coward on Tuesday November 21 2017, @07:40AM (4 children)

    by Anonymous Coward on Tuesday November 21 2017, @07:40AM (#599572)

    In my experience, "security people" tend to be mono-focused to the point that it's a little scary. They frequently want security at the expense of everything else, and in many cases it is hard to tell precisely what or who they are actually securing.

    Consider precisely what being "secure" requires you to do these days. It requires you to download and install every update, preferably automatically. This means that the manufacturer gets indefinite control of your machine, the ability to install who knows what, including spyware (hi, Microsoft) and drivers intended to vandalize "unauthorized" equipment (FTDI, here's lookin' at you!). It removes the ability to have choice in your OS, which further consolidates the power in the manufacturers, and arguably the government, over what you can do with computer devices. Changing specific aspects of how the kernel functions like this that basically have the kernel commit suicide can fall into this category quite nicely.

    With things like Windows 10 S being claimed "secure" despite clearly putting Microsoft in control of what software it lets you use and ultimately how you can use your system, changes to the firmware Intel is pushing, and many other factors, ultimately it appears that security is indeed an important goal. Specifically, securing the machine against you, the nominal owner, in favor of control by the manufacturer. This goes way, way beyond the argument that you don't control closed-source software. This is a fundamental change in the way that things are done, and at your expense, in the name of "security," but not for your security.

    Be somewhat skeptical of security people, folks. A great many are very, very good. Others are mediocre but well-intentioned, bleating out the "update everything" mantra without even warning of the caveats. They actually want to help, but they are just doing what they are told, which is very short-sighted and does not spread understanding as to why these things may be bad. But some are blinded by their own zeal, and frequently leave a mess when they try to staple things shut, unaware of (or indifferent to) the problems they cause trying to secure the system. And unfortunately, there are some who do not have benevolent intentions, and many companies are more interested in their own security far above the personal rights of their customers.

    • (Score: 5, Interesting) by meustrus on Tuesday November 21 2017, @03:52PM

      by meustrus (4961) on Tuesday November 21 2017, @03:52PM (#599702)

      Getting into our current situation does not require security to be aimed at securing machines against their owners. There is a clear path to uncontrollable security policies that went something like this:

      1. Start with a security model that expects users to understand the implications of running executable code
      2. Break your security model with features like auto-executing code when a CD is inserted, sharing multimedia screensavers that the user is not likely to realize are actually executable code, and requiring full system access to accomplish common user-space tasks like installing a program for one user or running a web browser
      3. Realize that users are executing code they don't trust because of #2
      4. Scramble to create a protected execution mode for untrusted code and try to run everything possible in that execution mode
      5. Realize that #4 is impossible and the best we can do is to plug holes in your security model as soon as they are discovered
      6. Realize that because #5 leaves out-of-date systems at risk of already-fixed vulnerabilities and infected systems can spread their infection like a virus, the safety of everyone now requires that all users keep their software immediately up to date

      The root problem is #1. However, appropriate user training could have mitigated this. Unfortunately, #2 trained users everywhere to run any potentially useful executable code without considering how much they really trust the source. Now we're in a fundamentally untenable situation where the way everybody uses computers is incompatible with the basic security model.

      That solving #6 leads to Microsoft needing elevated access to every computer running Windows is just a natural consequence of this progression. Of course they're going to abuse this elevated access. I seriously doubt however that they were smart enough to set this chain of events in motion for that very purpose.

      --
      If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
    • (Score: 1, Insightful) by Anonymous Coward on Tuesday November 21 2017, @05:27PM

      by Anonymous Coward on Tuesday November 21 2017, @05:27PM (#599736)

      The fundamental problem is that "security" (of some object) almost always comes at the expense of "availability" of that same object. Here "security" is a measure of how difficult unauthorized use of the object is, and "availability" is how easy authorized use is. The value of the object being protected has to be considered to find a good tradeoff on these axes.

      For example, suppose I have a snow shovel which I use to clear snow but I don't like my neighbours to use it.

      At one end of the spectrum, I could leave my snow shovel leaning against the wall next to the path I need to clear. This is very high availability: I just pick up the shovel and start shoveling. But very low security: anyone else can do that too, taking my shovel and using it for themselves.

      At the other end of the spectrum, I could leave my shovel locked in a vault deep underground in another part of the country, with armed guards and the like. This is very high security, nobody will take my shovel. But very low availability: using the shovel now requires planning in advance and it is probably not possible to retrieve it on the days it is most needed. And if I misplace the key to the vault, the shovel is lost forever anyway.

      Most people quite reasonably value availability more than they value security, most of the time, because the value of securing things is usually low compared to the cost of losing access to them.

    • (Score: 2) by urza9814 on Tuesday November 21 2017, @07:16PM (1 child)

      by urza9814 (3954) on Tuesday November 21 2017, @07:16PM (#599797) Journal

      In my experience, "security people" tend to be mono-focused to the point that it's a little scary. They frequently want security at the expense of everything else, and in many cases it is hard to tell precisely what or who they are actually securing.

      I think you seem to be taking everyone who says to do something "for security" and assuming they're talking about THE SAME security. There's no single security community; it's all about who's writing each "expert's" paycheck.

      Any discussion about security needs to start with a focus on what you're securing and who you're securing it from. Trying to pull in every possible form of security all at once results in pretty immediate contradictions. For example, enable automatic updates so you get security patches immediately, reducing the amount of time your system might be vulnerable...but also disable automatic updates because you don't know what's in those patches, they may contain new vulnerabilities, and the update servers or your connection to them could be compromised too. If you're a Microsoft employee trying to protect against script kiddies, yeah, turn on those updates from the probably local update server. But if you're a dissident trying to defend against attacks from your own government, you might be better off skipping those updates. Or reviewing the source code if possible. Security does not exist as an absolute state you should move towards; it starts with a threat model and advances from there. Different people have (and indeed *should* have) different threat models and therefore different ideas about what is or is not secure.

      So of course corporate security folks just tell you to buy their latest and greatest -- they're representing the company, so attacks due to the company's negligence or malice aren't allowed to be part of their threat model (at least not in what they present to the public)...they're more going to be focused on pirates and script kiddies, in which case "run the latest version!" is pretty much the best advice they can give.

      Of course, some are just plain incompetent too. I'm not sure what kind of security would be *gained* by the issue mentioned in TFA, although I'm not sure I 100% understand the details either. Could just be job security :) Or it could be a matter of training...maybe Google is training these guys to secure proprietary software, so they get used to hacks of adding layers in front of a program they can't change. Which may be valid in some environments, but not so much in the Linux kernel.

      • (Score: 2) by DECbot on Wednesday November 22 2017, @12:01AM

        by DECbot (832) on Wednesday November 22 2017, @12:01AM (#599974) Journal

        I comprehend their threat model as "there are undisclosed bugs in the kernel that malicious apps in the play store can use to gain privileged access to the Android kernel. We need the kernel to panic when a bug is utilized to reduce our liability and give us time to patch the bug." While Linus's stance is "you should focus on reducing bugs, not increasing code count by creating hoops for the kernel to jump through and increasing the likelihood of kernel panics. Only morons want to make the kernel panic instead of patching bugs."

        To give a bad analogy, a home has a thermostat that produces undesired operation when subjected to cold drafts. The Pixel team suggests implementing a home security system that will report open windows and doors to the police when it suspects a draft and puts the house in lockdown in which nobody can use the house until it is rebooted. Linus says that's stupid and they should instead invest in a caulk gun and some better insulated windows and doors to prevent the drafts from coming in. However, it is summer so you don't know if you have any cold drafts that disrupt your thermostat when winter comes. But I only have a layman's understanding and thus could be missing something.

        --
        cats~$ sudo chown -R us /home/base
  • (Score: 4, Insightful) by sjames on Tuesday November 21 2017, @08:12AM

    by sjames (2882) on Tuesday November 21 2017, @08:12AM (#599579) Journal

    Perhaps this is where the swear words came from:

    This has lived in -next for quite some time without major problems, but there were some late-discovered missing whitelists, so a fallback mode was added just to make sure we don't break anything.

    So, in spite of being in -next for some time, it wasn't well tested?

    Given that, what are the odds of catching a bug vs. the odds of introducing one?
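The decision that DECbot's reading of the threat model and the quoted fallback mode both turn on, as an added example and not code from the pull request or the kernel: a constructed user-space model of one slab cache with a whitelisted region, plus a check that allows copies inside the whitelist, refuses copies that cross the object boundary, and either warns (fallback) or refuses (strict) copies that stay inside the object but miss the whitelist. The struct, names and cache layout are assumptions for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a slab cache with a usercopy whitelist: only bytes
 * in [useroffset, useroffset + usersize) of each object may be copied to
 * or from user space. Hypothetical names, not kernel code. */
struct cache {
    const char *name;
    size_t objsize;     /* bytes per object */
    size_t useroffset;  /* start of the whitelisted region */
    size_t usersize;    /* length of the whitelisted region, 0 = none declared */
};

enum verdict { COPY_OK, COPY_WARNED, COPY_REFUSED };

/* Constructed cache for the checks below: 64-byte objects, whitelist [16, 48). */
static const struct cache demo_cache = { "demo", 64, 16, 32 };

/* Decide whether a copy of `n` bytes starting `off` bytes into an object is
 * allowed. `fallback` models the mode quoted above: a copy that misses the
 * whitelist but stays inside the object is only warned about, so missing
 * whitelists can be found without stopping the machine.
 * Comparisons are arranged so size_t arithmetic cannot wrap. */
enum verdict check_usercopy(const struct cache *c, size_t off, size_t n, bool fallback)
{
    /* Entirely inside the declared whitelist: allow silently. */
    if (off >= c->useroffset &&
        off - c->useroffset <= c->usersize &&
        n <= c->usersize - (off - c->useroffset))
        return COPY_OK;

    /* Inside the object but outside the whitelist: the "missing whitelist"
     * case. Fallback warns; strict refuses. */
    if (off <= c->objsize && n <= c->objsize - off) {
        if (fallback) {
            fprintf(stderr, "%s: %zu bytes at offset %zu outside whitelist\n",
                    c->name, n, off);
            return COPY_WARNED;
        }
        return COPY_REFUSED;
    }

    /* Crosses the object boundary: refused in every mode. */
    return COPY_REFUSED;
}
```

With `demo_cache`, a 32-byte copy at offset 16 is allowed, an 8-byte copy at offset 0 is refused in strict mode but only warned about in fallback mode, and a 32-byte copy at offset 40 is refused in both because it runs past the 64-byte object.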

  • (Score: 4, Insightful) by Bot on Tuesday November 21 2017, @11:07AM (6 children)

    by Bot (3902) on Tuesday November 21 2017, @11:07AM (#599609) Journal

    To you, special snowflakes.
    You, who fight the injustice in this world, not by listening to what the rude boy has to say, but by feeling offended and censoring him (it's always a him) no matter what.
    You are right.
    Of course, you always are.
    So, given that bad guy Linus has offered his evil patriarchal right wing nationalistic offending code under a license called GPL, please do one thing.
    FORK IT.
    No, it's not a cuss word. Fork as in spoon and fork. Look it up on Wikipedia. Wikipedia is always right too.
    So, put up your beautiful unicorn github page.
    Then, author a beautiful Code of Conduct pdf in a proper calligraphic font and have all contributors sign it.
    Then work on your beautiful fork and let bad persons, who can handle being shouted at and maybe find an argument to reply with, work with Linus.

    Everybody wins.

    --
    Account abandoned.
    • (Score: 2) by stretch611 on Tuesday November 21 2017, @03:25PM

      by stretch611 (6199) on Tuesday November 21 2017, @03:25PM (#599685)

      I know which version I will stay with...

      and might I add... well said.

      --
      Now with 5 covid vaccine shots/boosters altering my DNA :P
    • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @04:47PM (1 child)

      by Anonymous Coward on Tuesday November 21 2017, @04:47PM (#599718)

      Sounds like jealousy dripping in envy to me. Or just another bitter old worn out programmer. If your working conditions suck so hard, I suggest getting a new job. Or a new life. Best leave the field and let someone younger and hungrier than you lead the way.

      • (Score: 2) by DECbot on Tuesday November 21 2017, @05:35PM

        by DECbot (832) on Tuesday November 21 2017, @05:35PM (#599739) Journal

        While a person whining about how they were rudely addressed does sound young, bitching and moaning about it does not make them sound hungry. And honestly, I would not like to follow someone who cannot stomach coarse language and harsh criticism. There's a big difference between "We're a community, not an audience!" and "FUCK BETA."

        --
        cats~$ sudo chown -R us /home/base
    • (Score: 1, Informative) by Anonymous Coward on Tuesday November 21 2017, @06:00PM (1 child)

      by Anonymous Coward on Tuesday November 21 2017, @06:00PM (#599755)

      As a liberal myself, I don't think he was patriarchal right wing nationalistic.

      I think he stood up to prevent his creation from getting soiled by commercial interests that are taking a great deal of liberties with it.

      The only snowflakes seem to be the monied interests that are upset he can't be made into someone's bitch.

      Which seems to be that those interests are more traditional patriarchal right wing sorta stereotypical views like for big business and censorship of thoughts that violate the world view. Traditional liberals have an open mind. Traditional conservatives... are conservative.

      I guess it could be stated that Linus is not acting with an open mind, but he is, and he has rejected their approach and explained why. Strongly, and with good reason. Besides, English is the language of business and he expressed himself better than I could in any other language from his neck of the woods.

      • (Score: 2) by Bot on Friday November 24 2017, @12:53PM

        by Bot (3902) on Friday November 24 2017, @12:53PM (#601028) Journal

        > traditional conservatives... are conservative

        Exactly. The mindset is: Linux became a decent kernel by NOT acting like mindless patch galore Windows. Why change?

        --
        Account abandoned.
    • (Score: 0) by Anonymous Coward on Tuesday November 21 2017, @08:28PM

      by Anonymous Coward on Tuesday November 21 2017, @08:28PM (#599855)

      It's funny when seniors get grumpy!

  • (Score: 3, Insightful) by letssee on Tuesday November 21 2017, @09:54PM (1 child)

    by letssee (2537) on Tuesday November 21 2017, @09:54PM (#599901)

    You read the title and you think he *actually* verbally abused someone. But then it turns out he just uses the same language everybody uses in the bar when they're not trying to impress the boss.

    I don't think many Europeans would bat an eye at the language, but each time he says fuck(*) the American media gets their panties in a bunch.

    (*) even though everybody says it all the time.

    • (Score: 0) by Anonymous Coward on Wednesday November 22 2017, @05:23PM

      by Anonymous Coward on Wednesday November 22 2017, @05:23PM (#600259)

      > even though everybody says it all the time.

      Don't know what the fuck you're talking about.

      :)
