Phoronix: Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
The comments under the article are a special kind of braindead.
Yeah. Why is everyone saying this is removing their contribution credits? It's just a list of active maintainers...
This is not an unusual comment section on Phoronix, to put it mildly.
That's a fair point. I rarely read comments on news articles, but morbid curiosity overpowered my self-preservation instinct.
Linus has never been the best communicator, but he usually speaks the truth. But this is just bonkers and wrong. Not everyone living in Russia has "ties with Russia" other than "they were born there". If this is about sanctions, he could have still just told them that. But instead he just disrespected contributors completely and then double down in it by being xenophobic.
It's really disappointing seeing Russian contributors being disrespected like this, the regime that rules Russia wasn't entirely their fault, and allegiance, nationality, and ethnicity are all clearly different things
Also, wouldn't a state sponsored Russian hacker pretend to be from the US or something anyway? No way they'd contribute code as a Russian, that'd just increase others' suspicion
I agree with Linus a lot too but I strongly disagree here. I hope he's just being made to say this because of government policies
I don't understand how sanctions can impact free software, tbh, what's free about this? This leaves a weird taste, I have to admit.
Linux foundation is a US company, and he's a EU citizen and there's companies that those devs where employed that are under sanction , hot that hard to understand
Yup. If you don't want to "mysteriously fall from a window," you do what they say.
I agree 100% with Linus here
[Citation needed]
Free as in... obeys US foreign policy
I'm pretty sure not just the US wants Russia sanctioned to the oblivion. All of the Europe that borders Russia wants that. Now why would it be like that?
It makes no sense to discuss here.They probably follow Russia's narrative of Europe being a puppet of the US.
In the article, Linus explicitly said that it's not just a US thing:
And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.
That's more like his opinion or a post facto justification. Turns out it is a US thing.
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
So to get back, you have to basically prove that you have no relations with OFAC SDN companies.
This update is from https://lwn.net/Articles/995186/
As a finn, I understand that there are probably legal reasons for doing this.
I just wish they would be transparent and share those reasons with us. The Linux kernel is certainly not the only free software project that is impacted, if this comes straight from EU/US sanctions. Maintainers of other projects have a lot of interest in what is happening.
Transparency is also important because if EU/US policy/sanctions are causing issues for free software projects, then that discussion needs to be public, so that there is a chance to amend the policies if necessary.
The legal reasons was because the Linux Foundation is based in the USA and the targeted devs worked for companies explicitly sanctioned by the USA. Linus said he knew and trusted the devs he was forced to delist.
The Linux Foundation needs to relocate to some stable neutral country like Switzerland.
Dude is Finnish, from his own mouth, it's just normal racism against an aggressive imperial, like how people hate the us
Edit: like how people from lemmy.ml hate Americans, if that wasn't clear
Everyone who disagrees with me is a paid russian troll of course. Nobody would oppose blacklisting people based on nothing but their nationality unless they were getting paid for it.
I guess it's difficult to otherwise explain the position you have? It's not like people face criminal charges in Russia just for speaking against it. It's easy to see how the state would want to introduce backdoors to most western systems.
It's extremely sad that a lot of good Russians get swooped in this. But even abroad their lives are in danger to fight the state.
I doubt if someone wants to introduce a backdoor, they would do that with a russian mailing address. People removed were open and transparent about their nationalities which means there is even less chance them being bad actors than some random guy pretending to be American.
I think you’re making up a world in your head. Who are these “lots” of “good” Russians who are abroad and whose lives are in realistically danger of state assassination? Not that it has never happened, but you’re blowing things out of proportion. Probably Russia does it at a scale roughly similar to the US.
That's true, as he said just use your brain, Russia is under sanctions he literally said that, so Russian troll is a actually very accuracy
“The imperial core is sanctioning Russia therefore you are a Russian troll.” Impeccable logic.
We're gonna start seeing large open source communities start to break into smaller ones because of sanctions from now aren't we?
You don't need sanctions. I've seen you petty fucks fork projects over a font.
They'll fight over fonts meanwhile WordPress is on fire and where are the forks?
Or a name
This article gives a good discussion about a potential coming East/West political split in the world of FOSS.
https://thenewstack.io/avoiding-a-geopolitical-open-source-apocalypse/
Some old folk are reminded of https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States
Shame to see this shit from torvalds
I'd really like to see the criteria for delisting people, though. As Russia is not the only one waging wars, there are worse countries out there. I guess it all boils down to Linus being from Finland.
Yeah the kernel might end up being forked if this shit keeps going. Sanctions affecting open source software like this was not something I expected...
Nah. If anything, USian and non-Russian companies will add one or two more devs to their efforts to take up the slack. Linux is the bedrock of their revenue streams.
There may be worse countries, but rest of the word is not in a proxy war with them.
An update:
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
The US and EU governments have the criteria for sanctions available.
Man, I wish he'd leave the communication to someone else. He is so, so bad at it. And this isn't the first time
The way he attacks critics puts himself in a bad light. But much more importantly, I read this and am still unsure if he has administrative/legal reason, security reasons or political reasons...
If I'd work in Russian propaganda, I'd love this so much. Hope this will not cause disruption in the community.
It is inherently disruptive. And "knowing" Linus, if he apologizes for the communication, it won't come soon enough.
He alludes to sanctions being a factor but never clarifies on advice from his lawyers. ngl I don't like the look of it just from a transparency perspective.
Probably because the advice in question was lengthy and technical (subtype: laws and legality), and the short form had the disclaimer "Please don't publish the short form because it's too much like giving legal advice.) Something similar happened back in 2012 with Project Byzantium, when we were consulting with the EFF with respect to having cryptographic libraries included in the distro.
Lol, ml. users getting wild in the comments
One of the worst news I've read lately.
Why aren't Israeli maintainers removed? Oh because linux is basically owned by IBM now.
The linux kernel isn't free anymore. It's open source, but not free.
"Have we become so fearful? Have we become so cowardly That we must extinguish a man because he carries the blood of a current enemy?"
Maybe they can contribute to RedStar instead. Is best os for great compute.
Linux is the kernel, not the OS. RedStar uses Linux as the kernel.
I understand, thank you. My statement kind of assumes north korea is maintaining a fork of the kernel they patch and customize. It also implies NK is one of the few organizations that would accept russian contributions into their fork, given the somewhat limited number of linux projects operating outside of the sanctions.
Wutlol
Shit like this is why I use the most generic yankee cowboy aliases online.
Hey - an explanation. Who'da'thunk it?
I understand where this comes from, he is finnish but this is pretty unprofessional.
Linus unprofessional?! Surely you jest!!
Based Linus as always
are the tankies in the room with us right now
Lemmy was built by communists. you would be better served by going back to Reddit.
fremdscham++ 😬
Hm i never coded a line in my life, but i always wondered so honest question to the experts here: is it realistic that someone codes security back doors so hidden in other bad or wrong documented code, that nobody recognizes it in OSS community? I mean code is getting more complicated and specialized, dont you need more and more human resources (more than one person and hopefully not all with a bad intention) to check over that code? If im correct you shouldnt let more code into your software than the community is able to check an validate several times... Doesnt mean it has to be russians that need to be excluded idk
Yes, not only is it realistic, it has actually happened. It's easier to write code than understand it. Even when reviewing code, you miss more or less obvious issues. Not to mention intentional vulnerabilities that can be sneaked in over multiple commits and time span long enough to make reviewers forget the larger context.
There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.
Interesting answers, thanks!
This might not be super useful if you don't write code but I always found the contest submissions fun to read and try to figure out for the https://www.underhanded-c.org/ contest.
They break down and explain the runner up and finalist for each year and how the attack works. It's usually something very subtle that most people wouldn't catch.
Huh. Lot of people Russian' to conclusions in this thread.
Sorry.
Shhh. Let Linus Finnish.
Sorry for liking it.