A developer of some Ruby Gems pulled the code as a statement against certain entities (Department of Homeland Security — DHS) ultimately using the code. Chef gets owned in the process.
ZDNet has a good rundown of the incident:
https://www.zdnet.com/article/developer-takes-down-ruby-library-after-he-finds-out-ice-was-using-it/
It seems that developers at Chef may have used an old copy of the dev's code to get things back up and running again, which seems like exactly the wrong approach.
Political Statement Takes Down Chef
(Score: 1, Informative) by Anonymous Coward on Sunday September 22 2019, @05:57PM (2 children)
OOOOO I love flamebait!
(Score: 2, Funny) by Anonymous Coward on Sunday September 22 2019, @06:07PM
"Hello there, children!" "Hey, Chef!"
(Score: 2) by Revek on Sunday September 22 2019, @06:09PM
A AC loving flamebait. That unpossible.
This page was generated by a Swarm of Roaming Elephants
(Score: 0) by Anonymous Coward on Sunday September 22 2019, @06:06PM
Film at 11 [youtube.com]
(Score: 3, Interesting) by NickM on Sunday September 22 2019, @06:10PM (1 child)
I dislike almost everything about Chef:
It tries to look like it's declarative when it is imperative; Chef recipes are Ruby scripts.
It requires a server to be useful.
It pulls libs at runtime, since according to the article the repo going down impacted some paying customers.
Ansible is a better solution, and used sensibly (without the overpriced web GUI called Ansible Tower) it costs $0.
I a master of typographic, grammatical and miscellaneous errors !
(Score: 0) by Anonymous Coward on Monday September 23 2019, @03:12AM
What do you think of Ansible compared to Puppet or any of the other open source alternatives?
(Score: 4, Insightful) by Anonymous Coward on Sunday September 22 2019, @06:11PM (20 children)
Freedom to use the software, by any person, for any purpose.
But today's leftists don't care about freedom. Instead ideological conformity rules the day. The ideology is so extreme that the *United States* is considered "evil." No doubt they would prefer Iran or North Korea. It's not surprising, today's liberal ideology isn't very different from those places.
These people have no idea what evil is, and while their software is welcome, they have no business pretending to be any kind of moral authority. Fortunately, the nature of free software is that you cannot take your ball and go home, no matter how entitled and childish you are. Once it has been released, your control over it is limited to the willingness of others to accept that control.
It does point to a certain risk assumed by users who draw their software directly from the source, rather than making their own copies - a mistake I've made in the past as well, but am now more careful about. The usual risk is malware finding its way in unnoticed, but the real problem is trusting that the publisher won't do something bad without you noticing.
You must always have control over all your essential technology. All. Of. It.
(Score: 3, Flamebait) by Azuma Hazuki on Sunday September 22 2019, @06:26PM (12 children)
Ivan isn't getting his money's worth out of you...
I am "that girl" your mother warned you about...
(Score: 3, Funny) by Ethanol-fueled on Sunday September 22 2019, @06:29PM (4 children)
"Ivan" is the democratic party. Fuck you Ruskies, we will beat you Hillary 90%-ers down!
(Score: 0) by Anonymous Coward on Sunday September 22 2019, @10:29PM (3 children)
Warren! Warren! Warren!
Tear down the wall!
(Score: 2, Interesting) by Anonymous Coward on Monday September 23 2019, @01:20AM (2 children)
While I tend to agree with you, I have to ask: what wall?
The orange moron has not managed to get any of his wall built, just some repairs and replacement of a very small(like his hands) section of existing barrier. What a total loser...sad.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @05:28AM (1 child)
It's quite the replacement.
There were little 6-foot fences made of wire and perforated sheet metal, and there were anti-vehicle barriers that anybody could walk through. Now we have 500 miles of nice new barrier. Most of it is 18 feet or 30 feet high, with big fat bars as thick as human legs. It's quite respectable.
The dude redid a third of the border despite America's congressional enemies making things difficult. That is quite the feat.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @05:08PM
500 miles??? Holy shit you'll accept any BS as fact that they spew at you on that propaganda channel. Try 13 miles [bbc.com], which hasn't even been built yet.
And don't be too impressed with any of this on account of the way he is trying to do it is unconstitutional and against the law, particularly telling subordinates to knowingly break the law and unlawfully seize property and that he would pardon them if they get arrested and charged.
And how much of this is Mexico paying for? That was the foundation of that campaign promise. Building it to fulfill a promise doesn't count when you don't fulfill the promise.
(Score: 5, Insightful) by fustakrakich on Sunday September 22 2019, @06:36PM (5 children)
*sigh* How 'bout shitcanning that Russian BS? It's so worn out.
And the point is true. Once it's released, it's out of your hands, and is none of your business.
Now, I would like to know why drawing up old code to keep the system running is the "wrong approach". It seems you do what you can until you find an alternative.
Politics and criminals are the same thing..
(Score: 0, Troll) by Anonymous Coward on Sunday September 22 2019, @07:40PM (2 children)
Did the Republicans ever stop about Obama being a Kenyan Muslim? Bigotry is present on both sides.
(Score: 2, Insightful) by fustakrakich on Sunday September 22 2019, @08:13PM
Don't care. That's no excuse.
Politics and criminals are the same thing..
(Score: -1, Flamebait) by Anonymous Coward on Sunday September 22 2019, @10:29PM
The certificate was shown to be a forgery and the person who validated it was the only casualty in an ‘accident’. I guess the NPC meme is apt here.
(Score: 2) by HiThere on Sunday September 22 2019, @08:14PM
Well, it's none of your business as long as you didn't foresee the abusive uses, or design it to enable the abusive uses, or continue to maintain it despite the abusive uses.
If you do any of those things, you need to balance the good vs. the bad, and decide whether it is proper to allow use to continue (if you control that) or to maintain it (if you do that).
If you release software you've pretty much got to accept that people will use it as they choose, because you can't stop them. Not unless you've got fancier lawyers than they do, or have judges in your pocket...and even then not until you can show that they are using it in ways that you didn't approve of. So you might as well say "I place no restrictions upon use", because only the honorable will attend to those restrictions anyway. I believe that MSWindows has been used to control nuclear reactors despite explicit prohibitions.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by VLM on Monday September 23 2019, @04:19PM
Back when the Russians were stuck with the "holier than thou leftism as a religion" outlook, our left got tons of semi-illegal support from the USSR, and then the Russians got based and don't social status signal their holier than thou marxist superiority, our american leftists are like angry jilted women lashing out at the (russian) man who dumped them.
So before the big dramatic breakup, the commies at CNN loved the commies at Pravda, but after the big breakup it's all about hating the other side and anyone not in my corner is an agent of the other side plotting against me and all that stuff.
Just watch some womens soap opera dramas, especially some juicy breakup plots, and you get insight into our SJWs hating their former allies.
Fact of the matter is, between the jilted SJWs and the greedy military industrial complex, Russia got a bad rap for a long time. Now they're just some land empire on the other side of the planet, live and let live, etc.
(Score: 2) by Bot on Sunday September 22 2019, @10:51PM
Not completely on topic but I have a lot of fun every time a leftist mentions Russia.
First because when the same place was named URSS the roles were reversed, to the point of Russian cities being dedicated to Mr. Snitch Togliatti.
Second because the internationalists who want to abolish borders become very mindful of them when the human being who orients the policy of another human being is not a lefty
Third because in my place Italian antifascists killed other antifascists because they planned to annex more territory to the eastern bloc, and given that being antifa meant working for the allies they managed to be traitors squared or cubed depending on your POV of Italian civil war in 1943.
Account abandoned.
(Score: 4, Informative) by RamiK on Sunday September 22 2019, @08:15PM
No. When you download anything under BSD or GPL, you are, in effect, licensing it. You don't even have to run it. Just downloading the code is copying which puts the data transaction under IP transfer laws and copyrights specifically. So, if your government decided to allow software patents, you also need a patent disclaimer or you'll end up fucked by the likes of Microsoft even if it's GPL. This is why GNUPG doesn't support RSA or IDEA as they're patented. And if the government decides to sanction, say, Iran, by banning IP transfers, American businesses can't legally offer or use software from or to Iranian businesses and citizens even if it's "free". You can ask Huawei for how that works.
There's also liability issues that some licenses may fail to account for similar to how automobile and medical equipment manufacturers can't put a disclaimer on their products. For instance, privacy laws in the EU led to heavy fines being imposed on Facebook and Google over the tracking they perform despite notifying their users and offering the software free and open. The US is currently looking at even more serious actions including breaking them apart since it's clear their legal teams will drag the issue in courts otherwise.
Then you have legal restrictions on radio equipment with regards to accessing certain bands that may or may not limit some products from having an open source baseband or encryption export restrictions.
There's also limits on software penetration tools sales which is why they're chiefly traded in the dark web.
So no. It's not by any person for any purpose. Not from the supplier's end for certain. But not on the receiving end either.
compiling...
(Score: 5, Insightful) by fido_dogstoyevsky on Sunday September 22 2019, @10:46PM (1 child)
In many ways the US is evil.
No, because in many ways Iran and North Korea are evil.
It's NOT a conspiracy... it's a plot.
(Score: 2) by Freeman on Monday September 23 2019, @04:41PM
The US is evil in many ways. It's just that the likes of Iran/North Korea make the USA look like paradise. Which is a scary thought.
The USA's constitution was written and amended multiple times, usually to clarify even more freedoms for the people. The USA has strayed greatly from that original concept. Government for the people by the people. Then again, maybe the people are more like Trump than we'd like to admit.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 5, Insightful) by c0lo on Monday September 23 2019, @12:07AM
Congrats for establishing a new record of fallacy density: non sequitur, false dichotomy, strawman in less than 25 words/a couple of sentences.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 3, Touché) by Anonymous Coward on Monday September 23 2019, @12:48AM
Were you to observe it from the outside, you would realise that the United States *is* evil. Comparing it to other examples of evil doesn't make it good, it just illustrates its evilness in relation to others of its sort. "The lesser of two evils" is still evil.
Try it this way: would you rather a punch in the face or a kick in the balls? Does your selection mean that that option is good?
(Score: 0) by Anonymous Coward on Monday September 23 2019, @02:23PM
Leftists, Gracie? mmmmmmmmkay.
So the world considers our President to be a leftist and there's no conformism on the right? mmmmmmmmmmkay. *giggle*
And sharing openly is the best way of obtaining control. mmmmmmmmmmmmmmmmkay. *please stop as you are making me laugh so hard as to risk incontinence*
Can I get some of what you're smoking? Sounds like some righteous shit.
(Score: 2) by VLM on Monday September 23 2019, @04:26PM
There's a lot of code words and identity politics going on, but at the core its Jewish (wo)men hating White men, once the filters are removed. And there's various hangers on and innocent bystanders and well funded agents, but that's basically it.
(Score: 5, Insightful) by Anonymous Coward on Sunday September 22 2019, @06:24PM (4 children)
There are two major screwups here.
First screw-up: The developer. Under what license did they release this code? Was it a standard well known license? Had they ever read that license to see what was and was not allowed? Answer: likely no. The license they chose very likely allowed for this in which case this developer's reaction is just unwarranted. If you do not want others using your code, according to the terms of your license, and you select a standard license, then don't opensource/distribute it with that standard license.
Second screw-up: Never, ever, ever, build your downstream build system to depend upon a web URL being stable when you do not also control that web URL. If you depend upon some component at a URL that you do not control then the only sane method of dependency handling is to cache a copy of your dependency locally, in a location that you do control and set up your dependency to pull in that local cached copy. To do otherwise sets one up for exactly this, where that URL disappears, and your stuff now breaks as a result.
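A check for the locally controlled dependency cache described in the comment above, as an added example that is not part of the original post or of Chef's code: it audits a cache directory (for a Bundler project, the `vendor/cache` that `bundle cache` fills) against SHA-256 pins recorded at review time, so a vanished upstream, a silently changed file, or an unreviewed addition is caught before the build uses it. The manifest format, function names and gem file names are hypothetical, and the sample files are constructed.

```ruby
require "digest"
require "tmpdir"

# Parse a pin manifest (hypothetical format, one entry per line):
#   <sha256 hex>  <file name>
# Blank lines and lines starting with "#" are ignored.
def parse_manifest(text)
  text.each_line.with_object({}) do |line, pins|
    line = line.strip
    next if line.empty? || line.start_with?("#")
    digest, name = line.split(/\s+/, 2)
    unless digest =~ /\A\h{64}\z/ && name
      raise ArgumentError, "malformed manifest line: #{line.inspect}"
    end
    # A pin may only name a file directly inside the cache directory.
    unless name == File.basename(name)
      raise ArgumentError, "unsafe file name: #{name.inspect}"
    end
    pins[name] = digest.downcase
  end
end

# Compare the cache directory against the pins and classify every file.
def audit_cache(cache_dir, pins)
  report = { ok: [], missing: [], mismatch: [], unpinned: [] }
  pins.each do |name, want|
    path = File.join(cache_dir, name)
    if !File.file?(path)
      report[:missing] << name      # pinned, but not in our own cache
    elsif Digest::SHA256.file(path).hexdigest == want
      report[:ok] << name           # present and byte-identical to the reviewed copy
    else
      report[:mismatch] << name     # present, but not what was reviewed
    end
  end
  # Anything in the cache without a pin was added without review.
  Dir.children(cache_dir).sort.each do |name|
    report[:unpinned] << name unless pins.key?(name)
  end
  report
end

# The build should proceed only when every pin is satisfied and nothing extra exists.
def cache_trusted?(report)
  report[:missing].empty? && report[:mismatch].empty? && report[:unpinned].empty?
end

# Constructed sample: one good file, one altered file, one missing, one unpinned.
def demo
  Dir.mktmpdir do |dir|
    File.binwrite(File.join(dir, "example-sugar-1.0.0.gem"), "constructed gem bytes v1.0.0")
    File.binwrite(File.join(dir, "example-core-2.3.1.gem"), "constructed gem bytes v2.3.1")
    File.binwrite(File.join(dir, "example-extra-0.1.0.gem"), "never reviewed")
    manifest = <<~PINS
      # constructed manifest
      #{Digest::SHA256.hexdigest("constructed gem bytes v1.0.0")}  example-sugar-1.0.0.gem
      #{Digest::SHA256.hexdigest("bytes as they were when reviewed")}  example-core-2.3.1.gem
      #{Digest::SHA256.hexdigest("a release we never cached")}  example-gone-4.0.0.gem
    PINS
    audit_cache(dir, parse_manifest(manifest))
  end
end

if __FILE__ == $PROGRAM_NAME
  report = demo
  report.each { |status, names| puts "#{status}: #{names.join(', ')}" }
  puts(cache_trusted?(report) ? "cache trusted" : "cache NOT trusted, stop the build")
end
```

Run as a pre-build step, a non-empty `missing` list means the build would have to reach out to a URL you do not control, which is the failure the comment warns about.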
(Score: 3, Insightful) by sjames on Sunday September 22 2019, @06:56PM
That second screw-up does not bode well for a server configuration tool.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @01:05AM (1 child)
Apache License 2.0 [1]
That license allows usage for any purpose.
[1] Mirror of the Chef Sugar repository: https://github.com/chef/chef-sugar/blob/master/LICENSE [github.com]
(Score: 3, Insightful) by number11 on Monday September 23 2019, @03:33AM
But there's nothing in the license that requires the developer (or anyone else) to continue to maintain a copy online. It's like "buying" something like a music file that depends on a DRM server to access. When they shut the DRM server down, I guess you still own your copy, but it's unusable. (Microsoft, to their credit, is offering to refund the cost to some buyers, but not every company does.)
(Score: 2) by Hyperturtle on Monday September 23 2019, @05:26PM
This is no different for network monitoring.
I can't tell you just HOW MANY BUSINESSES HAVE GONE OFFLINE because someone set up a failover condition that checks on something like... 8.8.8.8... because "google never goes down". Well, they have been rerouted to china or pakistan or a little wooden hut on an island somewhere because of some asiapac ISP "administrative error". The ISP might have issues that cause a latency spike that triggers a failure despite it still being accessible... there are many good reasons to not point your business redundancy health checks at one of the most heavily destined IP addresses in the world, no matter how much faith one has in free services on the internet.
Do not monitor the health of your connections by measuring that which is not your own and using a sole administratively foreign object as the determination of action; if a failover action is depending on a virtual IP address that is somewhere else in the world, then it's entirely possible that the next outage you have isn't because of a failure of your network or your ISP's network. It's an administrative design failure. Just like what the OP here said.
Likewise... do monitor what you can and do control, or become cooperative with those that host the objects being monitored, so that they understand (and accept) the dependency. The next time they do maintenance and assume everyone was using some floater IP address instead of the physical interface, they won't know they just took you down despite the fact that whatever was hard coded worked so well before they changed their topology...
Everything Mr. Anonymous has stated is true and works just as well in networking... and other disciplines. Just replace the relevant terms with your own applicable ones.
There's a term in security, but also works for real life, too... trust but verify. Trusting someone you don't know and then not verifying that the trust is well placed... you end up trusting only yourself after a few bad accidents. But if you verified things, maybe the trust would have been better placed. Same goes for licensing, dependencies, and hiring interviewed candidates for the job that includes understanding how to set up these things...
(Score: 3, Interesting) by Rosco P. Coltrane on Sunday September 22 2019, @07:34PM
From TFA:
The Chef CEO did add that he didn't agree with the ICE's practices of separating families and detaining children, but that "Chef as a company that transcends numerous U.S. presidential administrations."
Well, IBM sold tabulating machines to the Nazis and they're still around. Why would Chef feel compelled to act otherwise?
Corporations are psychopathic [politicususa.com]. They don't care about morals. So it's not particularly surprising...
(Score: 0, Offtopic) by bradley13 on Sunday September 22 2019, @08:24PM (5 children)
You don't put little kids in jail. Parents commit a crime, go to jail, guess what: parents separated from their kids. Which part of the word "illegal" do people not understand, when talking about illegal immigrants? Dragging kids along (often not even their own kids) is not a "get out of jail free" card.
Everyone is somebody else's weirdo.
(Score: 1, Offtopic) by Anonymous Coward on Sunday September 22 2019, @10:09PM
you fail to account for the responsibility for those children.
(Score: 0, Offtopic) by Anonymous Coward on Monday September 23 2019, @12:10AM (2 children)
Just so I'm clear here. Your argument is that the adults who bring these children are bad and wrong, so it's not only okay to cage, humiliate and abuse children who did *nothing* wrong (they had no opportunity to consent, regardless of whether they were accompanied by their parent(s) or someone else), it's our patriotic responsibility to abuse children. Is that about the size of it?
(Score: 0, Troll) by Anonymous Coward on Monday September 23 2019, @05:44AM (1 child)
If you steal a car, you go to prison, and you are separated from your children.
It's not fair to car thieves that they get separated from their children, but illegal aliens wouldn't under your plan.
The same goes for arsonists, burglars, rapists, carjackers, muggers, murderers, shoplifters, drug dealers, spies, drunk drivers, hijackers, and every other kind of criminal. Nobody gets to keep their kids in an American prison. Even newborns are separated from mothers.
You could call it part of the punishment. You could say that we are protecting the child from a bad influence. An adult who exposes a child to danger while committing a crime is an abuser.
If the kids were locked up with the supposed parents (DNA mismatch rates are very high), you'd bitch about that instead. This happened, and it is why the law requires separation. Under the Clinton administration, kids were kept with the supposed parents and they were frequently abused. The law was passed for child safety.
In any case, the parents are freely choosing separation. First, they know our policy, and they decide to come anyway. Second, we offer them the immediate opportunity to be reunited by leaving the USA, but they prefer to remain here and be separated. Maybe the supposed parents don't love the kids enough to stay home or return home.
(Score: -1, Offtopic) by Anonymous Coward on Monday September 23 2019, @06:52AM
And the children of these car thieves are then placed in cages without clean underwear, toothbrushes or health care?
What "plan" would that be? I didn't suggest a course of action. I merely asked Bradley13 to clarify his position.
So. I'll ask you the same question: Do you believe that it is our patriotic duty to put innocent children in *cages*, without basic needs like bathing, clean clothes and toothbrushes?
I do not believe that's the case. If you're going to take on the responsibility to care for children, you need to give them an environment that doesn't traumatize them and treat them *worse* than we treat car thieves, murderers and rapists.
If a parent or guardian treated a child in their care the way these children are being treated, they would be charged, convicted and imprisoned for child abuse and a raft of other charges.
So I will ask again, do you believe that it's your patriotic duty to support the child abuse being inflicted on innocent children by *your* government? It sure sounds that way. Hooray! [youtube.com]
(Score: 3, Offtopic) by Mykl on Monday September 23 2019, @02:56AM
Republicans.
It's perfectly legal for a person to enter a country for the purpose of declaring asylum. If a person enters the country and does _not_ declare asylum, but remains 'undocumented', then _that_ is illegal.
(Score: -1, Offtopic) by Anonymous Coward on Sunday September 22 2019, @10:44PM (1 child)
Static linking.
(Score: 2) by c0lo on Monday September 23 2019, @12:09AM
Righto. Because the pre-millennials don't use interpreted scripts. No siree, they use systemd, right?
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by epitaxial on Sunday September 22 2019, @11:56PM (15 children)
No clue as to what the fuck Chef is supposed to be. I went to their site but it was nothing but buzz jargon.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @12:01AM (3 children)
It's a puppet for ansibles, you insensitive clod.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @12:15AM (2 children)
Geez, you're stupid! It's an ansible [wikipedia.org]* for puppets, moron!
*And I included a link, so it's obvious I'm right.
(Score: 1, Touché) by Anonymous Coward on Monday September 23 2019, @12:23AM (1 child)
morons, it's clearly cfengine for noobs!
(Score: 0) by Anonymous Coward on Monday September 23 2019, @06:46AM
stop rubbing Salt in the wounds! (though it would explain the overall bad taste of DSC)
(Score: 2) by c0lo on Monday September 23 2019, @12:14AM
That's.... ummm... what's his name?... oh, yes, Gordon Ramsay.
(and no, I have no idea why celebs are suddenly worthy of S/N)
(oh, yes. GRIN - just in case someone needs it)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Monday September 23 2019, @12:51AM
A 1993 British sit-com [wikipedia.org].
(Score: 3, Interesting) by RS3 on Monday September 23 2019, @04:39AM (7 children)
It's one of the many computer / server configuration management system softwares out there, often referred to as "automation" (I don't like that term, but it's being used.)
Some other examples are puppet, ansible, webmin... They're particularly good if you have many servers, cluster, etc., and want one central control and monitoring location.
(Score: 1, Informative) by Anonymous Coward on Monday September 23 2019, @05:33AM (4 children)
From what I've read [soylentnews.org], webmin is a particularly good choice if you want to outsource your server administration or allow multiple people to do so.
(Score: 1, Touché) by Anonymous Coward on Monday September 23 2019, @06:56AM (2 children)
Just so. Especially if you don't care *which* "multiple people" have such access, as Webmin is notoriously insecure.
cf. https://www.google.com/search?q=webmin+security+issues [google.com]
(Score: 0) by Anonymous Coward on Tuesday September 24 2019, @06:28AM (1 child)
You obviously didn't notice the first part of that comment linked to a story titled "Webmin Backdoored for Over a Year."
(Score: 0) by Anonymous Coward on Tuesday September 24 2019, @06:54AM
I did not. But that doesn't invalidate my post. In fact, I think it dovetailed nicely with GP's.
What's more, I upmodded GP once I saw the posting to which the link pointed.
(Score: 2) by RS3 on Wednesday September 25 2019, @05:40AM
Only if you allow access to it from the outside. I run servers on non-routeable address subnets, and only allow webmin access from specific internal IP addresses.
That said, I don't have, nor have ever, deployed webmin ongoing- just tried it from time-to-time, and frankly I don't like what it does to my config files. I wouldn't mind if it would just edit or add certain specific parameters, but it rewrites the whole thing, so bye-bye.
(Score: 1, Interesting) by Anonymous Coward on Monday September 23 2019, @07:14AM
I've hello-worlded my way through most of them, using one full time.
I think Microsoft nailed it by calling it desired state configuration (for their powershell-based offering)
infrastructure as code might be more descriptive, if more buzzword prone.
If you treat the entire state of the machine, (or a diff of its deviations from a base image, or perhaps even to create a 'base' image from install media) in a manner that's relatively OS agnostic (and perhaps more importantly in the long run, cloud/hypervisor agnostic) then outside of data, (which can easily be mapped from another host) your servers (or desktops for those who seek adventure) become expendable. Lose a drive? Lose a cloud provider? Just spin up a new VM elsewhere, apply the state, and your node's up in seconds / minutes, not to the restore point of something like clonezilla, but to the latest pushed commits for your environment.
I also wouldn't lump webmin in this category. webmin is more of a configure servers as snowflakes method by default. though it can replicate configuration / modules to cluster members now?
(Score: 0) by Anonymous Coward on Monday September 23 2019, @11:40AM
> and want one central control and monitoring location.
And repeateable builds.
(Score: 2) by VLM on Monday September 23 2019, @04:36PM
Puppet is one extreme where you write a config on a central server that pushes out to the clients in a weird DSL. All the client server fun you've come to enjoy. But the client is really lightweight-ish by 2000's standards so sometimes you need small.
Ansible uses python and YAML and tends to be implemented as a pull. Actually it works "OK" as a git repo for config and run locally, which is pretty fat on the client but TB of disk cost nothing and it hasn't been 1993 in a long time now.
Chef is like those two above had sex and it's client-server puppet style but written in Ruby.
If there's anyone in the users groups of the three above that I have managed not to offend, I'll try harder next time. Aside from the sarcasm I'm not entirely wrong, and spent way too many hours sysadmining using puppet and ansible. Overall I am biased and prefer Ansible, if that's not clear. I did enjoy running puppet for many years.
Now I can offend the CFENGINE people, by claiming I don't have enough multiple personalities to run CFENGINE. I had a bad time with it once where *BSD had like five versions in binaries available because each was somewhat source incompatible with each other so you get to write everything like three ways to cover a heterogeneous network. I did not enjoy that experience. AFAIK nothing is quite as bad as CFENGINE.