- Joined
- Jun 12, 2021
in 15.1 that menu is allegedly gone, still doesn't change the fact that forcing signatures is only for retarded sheep.
The Linux Thread - The Autist's OS of Choice
- Thread starter tehpope
- Start date
-
🐕 I am attempting to get the site runnning as fast as possible. If you are experiencing slow page load times, please report it.
- Joined
- Oct 26, 2023
This assumes that it's harder to get an exploit into Linux than it is to get it into e.g. Apache. The paper was trying to establish exactly how hard it is to get malicious code into the thing that everything runs on.
- Joined
- Dec 19, 2022
You have ten thousand times more to worry about from yanks than from Russians and the Chinese.
khaine
kiwifarms.net
- Joined
- Jan 31, 2021
I just installed 15.1 and that menu existed when I was setting up OpenEmu
- Joined
- Jan 28, 2018
In theory computers should be segmented enough that a breach in one application doesn't necessarily mean a fully compromised system but in practice, yeah.
Supply chain attacks are wild, especially considering the dependency hell some programming languages and modern programming methods actively encourage.
Also licenses only have any value if somebody can actually legally enforce them. The chinese violate these all the time when it comes to linux. Nothing happens.
Last edited:
- Joined
- Oct 20, 2019
Russia is quite invested in Linux, though. I'm not sure they'd want to make the jump. They've got a sizeable number of maintainers (or did until Linus lost his mind last week - again). And its used by a whole bunch of governmental organisations whereas in the West you have Microsoft's and Apple's locks on government work. Well, front end anyway. Russia's technology ministry or whatever you call it issued a statement a couple of days ago about forking the kernel. I think that's a more likely path if this can't be reconciled. There's a tonne of hassle in simply administrative terms but at base, you'd end up in a situation where they can import anything they want from Western developers but Western developers are blocked by their own governments from importing anything the Russians do.
Perhaps ultimately it would become too diverged to do that but strong advantage to begin with. Plus Russia and China are both heading down their own hardware paths. If China uses a Russian kernel fork (likely if this circumstance comes about) then you're going to end up with Russian kernel support for all hardware and Western kernel lacking it. China, India, Russia, BRICS in general all using Chinese and Russian components would be a strong reason for them to favour the Russian branch of Linux.
I hope it doesn't come to this. Linus has long since gone from being a benevolent dictator to just a petulant one. He needs to be removed. Even if sanctions do force some kind of removal, the professional way to handle that would be to cite the sanctions involved and explain how they apply. That both clarifies the situation and is very helpful to other Open Source projects. The wrong way is to throw a tantrum, refuse all requests to clarify, ban people who criticise the move and sperg about how he's Finnish and hates Russians because they kicked out the Nazis from his country that his ancestors fought alongside.
I hope this can be resolved. Nearly all the comments I see since the banning from developers have been critical of it, not supportive. They want a meritocracy, not politics.
- Joined
- May 29, 2023
i remember a joke on top gear said by Jeremy all those years ago that applies here.
unless it harms them, the chinks will copy anything they want.Jeremy Clarkson said:
prollyanotherlurker
kiwifarms.net
- Joined
- Apr 1, 2024
Yeah I had heard about the study from that university and the whole situation. To me, it makes perfect sense to ban them from contributing. Purposely adding in vulnerabilities, whether or not the intentions were to use them. Is not something that I think they should take lightly. Knowing they are willing to do that once just for a study, would ruin trust in them to be relied on for further patches.
- Joined
- Mar 30, 2023
I feel like the proper stance is "trust, but verify." What the university did was a dick move which should put any future contributions into question, but they are trying to verify the integrity of the project. As it turned out anyone with a veneer of trust can upload dangerous or unstable code which would go unchecked. Who else has deliberately added malicious code when was accepted unchecked?
If Russia forks the kernel I can see them doing a full audit of the code and verifying any contributions. It could mean it moves slower and doesn't support as much, but it will be more stable and secure.
I wonder which de they will fork. Maybe Cinnamon?
If Russia forks the kernel I can see them doing a full audit of the code and verifying any contributions. It could mean it moves slower and doesn't support as much, but it will be more stable and secure.
I wonder which de they will fork. Maybe Cinnamon?
- Joined
- Dec 28, 2014
That's how I've always done it anyway, so no real change for me. Still a douche move.
You can also run apps just by straight up using sudo on them. If you're utterly insane, because that's an incredibly bad idea.
- Joined
- Oct 20, 2019
Not least because if I write something that pisses off the Russian govt., Russian police can't do anything about it. If I piss off the US govt.,
Just because your post appears to follow on from mine, I'm not talking about the banning of the University of Minnesota (what they did was idiotic), I'm talking about banning people for being Russian.
I don't know about that. If it reaches a point that kernels are actually diverged and no longer simply compatible (which wouldn't be immediate by any means) then all you've done is divide the same number of maintainers attention between two different code bases. There's a worse problem, too. And this might be the most important thing yet I haven't seen it raised anywhere.
Suppose a malicious state actor that wants to put an exploit into the Linux kernel. When the project is international you have greater security against that - non-aligned members reviewing commits cannot be leaned on to ignore it, are motivated to find it. That works both ways, whether it's some Russian or Belarussian maintainer spotting something the Americans try to sneak in; or Americans spotting something a Russian tried to sneak in. As someone living in the West, it's actually the former that is the greatest threat to me. I'm pretty sure that Linus Torvalds would assist and cover for the Glowies if they tried to get something in. And without maintainers unaligned with the US, they have a much greater chance of getting away with that. Of course you might well say that Western maintainers would also be often be willing to speak up whether they're Western or not. And you'd be right but I'd point out that it wasn't just Russians who got banned, it was also people who spoke up against Linus for banning them (Enrico Weigelt, previously got attacked by Linus for being "anti-vax", works on xorg). And given how large the kernel is and that discovering an exploit is likely to be done by one or two lone individuals - and they can totally be leaned on by the State to keep quiet.
This is very bad. The banning has so far been discussed in terms of right/wrong and meritocracy - good grounds for discussion. But it also needs to be discussed in terms of the effect which is to remove people that can't be leaned on to ignore exploits by Western state actors. That's a big deal.
We're talking about the kernel, so below the level of desktop environments. But for curiosities sake, I can tell you that Astra Linux is a Debian derivative and uses KDE by default. KDE originates in Germany iirc. I don't know where most of its contributors are from of there's any predominant region at all. But I emphasis everything so far has been about the kernel.
(@Susanna will be better placed than I am to talk about the state of Linux in Russia)
Last edited:
GNU Abyss
kiwifarms.net
- Joined
- May 30, 2023
As a side note, it's odd how all the vax sperging on the kernel mailing list in 2022-2023 is barely remembered now. It's a little blackpilling to know the people who are responsible for the most essential code underpinning your OS are also gay nerds prone to throwing temper tantrums just like some shitware dev, but it's very useful to keep in mind.
- Joined
- Jan 28, 2018
The study was simply unethical. Every fundation of trust you can have in such people is gone if they pull shit like this. They've proven they cannot be trusted to do the right thing.
It's also important to signal to everyone that fucking with the kernel like this is an absolute no-go and will have consequences.
Last edited:
- Joined
- Oct 20, 2019
Very strong Comment-Avatar synergy going on here.
- Joined
- May 5, 2022
Well when you are willing to build everything in China....
To play the devil's hand against this argument, the Linux kernel is filled with fucking exploits even when these maintainers weren't banned. I imagine it's only going to get worse.
I think the workaround for these sanctions (in a non Torvalds retard world) would to give a bit of time for everyone to clairfy themselves (Hey, are your still working IN Russia since you have a .ru email) and a sort of informal agreement in a hard fork situation for the forks to review each other's codebases and publish all exploits publicly.
Alas, we live not in such a world.
Won't be long before there's a rainbow flag forcefully inserted into popular distro desktops the way things are going.
prollyanotherlurker
kiwifarms.net
- Joined
- Apr 1, 2024
@Overly Serious is that first part saying the Russian government can't do anything about if someone does something they don't like. But the US government will?
That seems like it needs some clarification. Because I don't really know of anything beyond Edward Snoden like situations, where the government is going after people because they wrote something.
The only ones I see trying to stop people from writing anything, are companies, and individuals. Short of espionage, and terrorism. Thanks to the first amendment, as long as it's not a threat, or slander you can pretty much say whatever you want without any government action.
Just generally speaking I have a hard time understanding why people on either side genuinely think, Russia is better than the United States, or the United States is better than Russia. Both are going to do whatever they can to influence the rest of the world to get what they want. Both are going to try to get backdoors into whatever software they can, both will meddle in other countries business for their own interest.
To reiterate. This isn't me saying the United States is good, and Russia is bad. I'm saying both are bad. TBH, idk what's with people, especially far right people, liking Russia so much now.
I have always said the far right, and far left are two sides of the same coin. And the Russia thing is just another example of it. Both really love Russia for some reason. I can't help but think it's because people that get easily pushed into extreme political stances, are the ones are most vulnerable against propaganda if it's presented in the right way.
The thing I said about the Minnesota situation, is in reference to it being brought up in the context of this Russian developer thing.
That seems like it needs some clarification. Because I don't really know of anything beyond Edward Snoden like situations, where the government is going after people because they wrote something.
The only ones I see trying to stop people from writing anything, are companies, and individuals. Short of espionage, and terrorism. Thanks to the first amendment, as long as it's not a threat, or slander you can pretty much say whatever you want without any government action.
Just generally speaking I have a hard time understanding why people on either side genuinely think, Russia is better than the United States, or the United States is better than Russia. Both are going to do whatever they can to influence the rest of the world to get what they want. Both are going to try to get backdoors into whatever software they can, both will meddle in other countries business for their own interest.
To reiterate. This isn't me saying the United States is good, and Russia is bad. I'm saying both are bad. TBH, idk what's with people, especially far right people, liking Russia so much now.
I have always said the far right, and far left are two sides of the same coin. And the Russia thing is just another example of it. Both really love Russia for some reason. I can't help but think it's because people that get easily pushed into extreme political stances, are the ones are most vulnerable against propaganda if it's presented in the right way.
The thing I said about the Minnesota situation, is in reference to it being brought up in the context of this Russian developer thing.
- Joined
- Aug 17, 2022
I'm fairly sure there's no American backdoors in the kernel. It'd be a PR nightmare if it were to be revealed (Russia and China wouldn't care), and there's dozens of binary blobs under their control that they could hide stuff in instead. The bits of your computer that glow will be your UEFI and all the stuff in /lib/firmware.
- Joined
- Jan 28, 2018
I don't get this simping for eastern dictatorships either. My politicans might be shitty and corrupt, but they're my shitty and corrupt politicans godamnit.
Also even if you love hyperbole, there's still degrees of accountability here. You won't be thrown into prison for 15 years for saying that your president sucks and donating to the opposition, for starters. This makes the country you live in better by default.
They're not based. They're not your friends. They want the downfall of all you know. I hate and avoid actively to get political on the internet but it's becoming increasingly hard not to.
Also even if you love hyperbole, there's still degrees of accountability here. You won't be thrown into prison for 15 years for saying that your president sucks and donating to the opposition, for starters. This makes the country you live in better by default.
They're not based. They're not your friends. They want the downfall of all you know. I hate and avoid actively to get political on the internet but it's becoming increasingly hard not to.
Many people (funnily often the people that yell the loudest about "glowies") absolutely don't know how many layers their modern computer (and this includes their smartphone) has, neither do they care. There's at least one other operating system (it's more likely several) running on your computer right now. Your harddrive has enough computing capacity to inject malware into your main OS and spy on you, all by itself. I always think about this when the US government chooses to publish some inside knowledge of what a foreign government is going to do right before it happens. They're probably tapped into everything that matters. In an ideal world, you should be upset and angry and should want governments out of your shit. In the real world, be happy these guys are playing on your side, because the alternative would be a lot worse. Besides, if they want to get info out of you, they'll just send a guy with a metal pipe, some duct tape and a big bag. They don't need a rube goldberg contraption of exploits in open source. Even if they had it, they wouldn't waste it on you.
HootersMcBoobies
kiwifarms.net
- Joined
- Jan 7, 2019
To play Devil's Advocate here, you realize there are people who stayed within the velvet ropes while walking through a building on January 6th, 2020, are now serving years in prison after being sentenced in soviet-style show trails, right? I hope in your country you won't be thrown into prison for 15 years, but in the US we're getting dangerously closer to that which every passing manufactured CIA psyop. It can happen anywhere.
Hard drive? A microSD card has a built-in 32-bit micro-controller that can be modified to journal everything you write to it. It's insane how many processors are in everything. Insert the "You dawg I heard your like CPUs, so I put a CPU in your...." meme