Phoronix: Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
Huh. Lot of people Russian' to conclusions in this thread.
Sorry.
Shhh. Let Linus Finnish.
Ok, dad.
Sorry for liking it.
The comments under the article are a special kind of braindead.
Always is with Phoronix comments.
You find everything there from "Gnome is satanist" all the way up to pro-genocide crap.
I really don't know what it is about the site that brings out the craziest souch.
The absolute disregard of having any moderation is what does that. If there was any, there wouldn't be the cases like having someone be there by their third account, after the first two got banned.
Not to mention that controversy = angry people and trolls = more clicks = more ad revenue. I don't think Michael wants to miss out on it.
Yeah. Why is everyone saying this is removing their contribution credits? It's just a list of active maintainers...
This is not an unusual comment section on Phoronix, to put it mildly.
That's a fair point. I rarely read comments on news articles, but morbid curiosity overpowered my self-preservation instinct.
Banning Israeli contributers too?
Linus has never been the best communicator, but he usually speaks the truth. But this is just bonkers and wrong. Not everyone living in Russia has "ties with Russia" other than "they were born there". If this is about sanctions, he could have still just told them that. But instead he just disrespected contributors completely and then double down in it by being xenophobic.
It's really disappointing seeing Russian contributors being disrespected like this, the regime that rules Russia wasn't entirely their fault, and allegiance, nationality, and ethnicity are all clearly different things
Also, wouldn't a state sponsored Russian hacker pretend to be from the US or something anyway? No way they'd contribute code as a Russian, that'd just increase others' suspicion
I agree with Linus a lot too but I strongly disagree here. I hope he's just being made to say this because of government policies
Yup. If you don't want to "mysteriously fall from a window," you do what they say.
I agree 100% with Linus here
[Citation needed]
so are we okay with banning development time donated to foss because of nationality?
are these people found to support heinous shit or is this just wartime shenanigans?
Dude is Finnish, from his own mouth, it's just normal racism against an aggressive imperial, like how people hate the us
Edit: like how people from lemmy.ml hate Americans, if that wasn't clear
finland has pretty bad climate-change-exploitation-fucking-over-the-third-world dealings in my country, despite enforcing seemingly very good stuff inside their own borders so meh, id argue they aint close to the victims they make out to be. some would argue that as a consequence for having a strong socialist influence.
i have mixed feelings about them as a country, but i recognize there are plenty of good (and even well known good) people on there because of the aforementioned good stuff, linus included. for different but not that dissimilar reasons i think contemporary russian citizens should not be blanket banned from helping everyone out.
As a finn, I understand that there are probably legal reasons for doing this.
I just wish they would be transparent and share those reasons with us. The Linux kernel is certainly not the only free software project that is impacted, if this comes straight from EU/US sanctions. Maintainers of other projects have a lot of interest in what is happening.
Transparency is also important because if EU/US policy/sanctions are causing issues for free software projects, then that discussion needs to be public, so that there is a chance to amend the policies if necessary.
Politics should not be on FOSS development.
FOSS is inherently political though, but I guess you mean country vs country politics moreso than ideological politics.
The F in FOSS stands for politics
The legal reasons was because the Linux Foundation is based in the USA and the targeted devs worked for companies explicitly sanctioned by the USA. Linus said he knew and trusted the devs he was forced to delist.
The Linux Foundation needs to relocate to some stable neutral country like Switzerland.
Free as in... obeys US foreign policy
I'm pretty sure not just the US wants Russia sanctioned to the oblivion. All of the Europe that borders Russia wants that. Now why would it be like that?
It makes no sense to discuss here.They probably follow Russia's narrative of Europe being a puppet of the US.
In the article, Linus explicitly said that it's not just a US thing:
And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.
That's more like his opinion or a post facto justification. Turns out it is a US thing.
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
So to get back, you have to basically prove that you have no relations with OFAC SDN companies.
This update is from https://lwn.net/Articles/995186/
Everyone who disagrees with me is a paid russian troll of course. Nobody would oppose blacklisting people based on nothing but their nationality unless they were getting paid for it.
I guess it's difficult to otherwise explain the position you have? It's not like people face criminal charges in Russia just for speaking against it. It's easy to see how the state would want to introduce backdoors to most western systems.
It's extremely sad that a lot of good Russians get swooped in this. But even abroad their lives are in danger to fight the state.
I think you’re making up a world in your head. Who are these “lots” of “good” Russians who are abroad and whose lives are in realistically danger of state assassination? Not that it has never happened, but you’re blowing things out of proportion. Probably Russia does it at a scale roughly similar to the US.
That's true, as he said just use your brain, Russia is under sanctions he literally said that, so Russian troll is a actually very accuracy
“The imperial core is sanctioning Russia therefore you are a Russian troll.” Impeccable logic.
We're gonna start seeing large open source communities start to break into smaller ones because of sanctions from now aren't we?
This article gives a good discussion about a potential coming East/West political split in the world of FOSS.
https://thenewstack.io/avoiding-a-geopolitical-open-source-apocalypse/
???
We couped Ukraine in 2014 and their CIA, the SBU is committing acts of terrorism against Russia on at least a bi-weekly basis. Also, they've killed and continue to kill tens of thousands of civilians in the independent republics, for some reason.
The idea that Russia invaded Ukraine for no reason is absolutely brain dead
they’ve killed and continue to kill tens of thousands of civilians in the independent republics
Even if I assume the truth of that statement, do you not care about the deaths of Ukrainian civilians?
We couped Ukraine in 2014
My understanding is that Ukraine's parliament (Rada) removed Yanukovych from his position as president. That seems fair to me. Many countries, including the US, have legal processes for removing their leaders.
Reason: Russian bot
Reason: bot
The only bots here are the alt accounts downvoting coolusername.
Wow, some real clown behavior from Linus.
No, it's not good, it's blatantly russophobic.
I would get it if he would have simply stated that the Linux Foundation needs to abide by the sanctions, pretty much what GKH had said. But for Linus to go ahead with his stupid russophobic rant about Russian bot farms (LOL) is really too much.
I would get it if he would have simply stated that the Linux Foundation needs to abide by the sanctions
I mean, that's basically what he said:
If you haven't heard of Russian sanctions yet, you should try to read the news some day.
Doesn't sound like they banned Russians in general, just people employed by sanctioned companies.
Some old folk are reminded of https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States
Is there a specific reason for this?
Yes, the sanctions against Russia, as mentioned by Linus. The change also said the maintainers "can come back in the future if sufficient documentation is provided".
My guess is that the Linux Foundation must ensure that none of the people they work with are in any way associated with any organisation, person or activity on the sanctions list. And that they preemptively removed all maintainers that might risk violating the sanctions while they work with them to establish whether they might be covered by the sanctions or not.
Regardless of what you or they think of the sanctions, they are the law, and I don't think anyone wants the Linux Foundation to have to spend their money on lawyers and fines because they had a maintainer who also worked on a research project funded by a sanctioned entity. (If that is how it works, IANAL)
OK, that's the first reasonable explanation I've come across. I wish Greg Linus didn't reply in that kind of "angry" tone, because for some of us it's not that obvious.
Yeah, it seems like they genuinely are just trying to be compliant with the law. I do think the "anyone who has concerns about this is a Russian troll" thing is obnoxious though, knowing of the existence of sanctions doesn't mean we're all lawyers who know the requirements here for open source projects.
Underrated comment.
Finland is experiencing suspicious acts of sabotage and disruption and believes Russia is engaged in broad-ranging influence operations against it and other European countries
Since Linus is Finnish, this literally hits home for him, hence (probably) his reaction.
Yes, but this action sounds as effective against Russian espionage as burning any clothes that has red blue and white in them.
Nobody has stated any actual reason. Based on Linus' comments, Russophobia is the likely answer.
Phobia, by definition, is uncontrollable, irrational, and lasting fear for something. In the current geopolitics situation I'd say that it's not uncontrollable and very much not irrational. Fear, as a fellow Finn, might be a bit strong word, but it's a definetly a concern.
When I first read that I thought that the response is a bit harsh, as Russian (and Soviet Union) individuals have traditionally been a big part of open source community and their achievements on computing are pretty significant, but when you dig a bit deeper on that, a majority of Soviet era things are actually built by Ukrainians in Kyiv (obviously Ukraine as a country wasn't a thing back then).
Also, based on my very limited sight on the matter, Russians are not banned from contributing, but this is more of an statement that anyone working for the government in Russia can't be a part of kernel development team. There's of course legal reasons for that, very much including the trade bans against Russia, but also the moral part of it, which Linus seems to take a stand on.
Personally I've seen individuals at Russia to do quite amazing feats with both hardware and software, but as none of us are in a void without any external infcluence nor affect, I think that, while harsh, the "sanctions" (for a lack of better word) aren't overshooting anything, but they're instead leveling the playing field. Any Joe Anynymous could write a code which compromises the kernel as a whole, but should that Joe live in Russia, it might bring a government backed team which can hide their tracks on a quite a bit different level with their resources than any individual could ever even dream about.
So, while that decision might slow down some implementations and it might include some of the most capable of developers, the fear that one of them might corrupt the whole project isn't unreasonable and, with ongoing sanctions in place (and legal requirements that follow) the core dev team might not even have a choice on this.
In current global environment we're living in, I'd rather have a bit too careful management than one which doesn't take things seriously enough. We already have Canonical and others to break stuff way too often, we don't need malicious government to expand on that with nefarious purposes which could compromise a shit on of stuff on a very fundamental level if left unattended.
Man, I wish he'd leave the communication to someone else. He is so, so bad at it. And this isn't the first time
The way he attacks critics puts himself in a bad light. But much more importantly, I read this and am still unsure if he has administrative/legal reason, security reasons or political reasons...
If I'd work in Russian propaganda, I'd love this so much. Hope this will not cause disruption in the community.
It is inherently disruptive. And "knowing" Linus, if he apologizes for the communication, it won't come soon enough.
Shame to see this shit from torvalds
the comments on the article started off pretty good but pretty quickly devolved into a cancerous combination of NAFO and Hasbara.
Shit like this is why I use the most generic yankee cowboy aliases online.
He alludes to sanctions being a factor but never clarifies on advice from his lawyers. ngl I don't like the look of it just from a transparency perspective.
Probably because the advice in question was lengthy and technical (subtype: laws and legality), and the short form had the disclaimer "Please don't publish the short form because it's too much like giving legal advice.) Something similar happened back in 2012 with Project Byzantium, when we were consulting with the EFF with respect to having cryptographic libraries included in the distro.
I'd really like to see the criteria for delisting people, though. As Russia is not the only one waging wars, there are worse countries out there. I guess it all boils down to Linus being from Finland.
Yeah the kernel might end up being forked if this shit keeps going. Sanctions affecting open source software like this was not something I expected...
Nah. If anything, USian and non-Russian companies will add one or two more devs to their efforts to take up the slack. Linux is the bedrock of their revenue streams.
There may be worse countries, but rest of the word is not in a proxy war with them.
The US and EU governments have the criteria for sanctions available.
An update:
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
Hey - an explanation. Who'da'thunk it?
One of the worst news I've read lately.
Why aren't Israeli maintainers removed? Oh because linux is basically owned by IBM now.
The linux kernel isn't free anymore. It's open source, but not free.
Maybe they can contribute to RedStar instead. Is best os for great compute.
Linux is the kernel, not the OS. RedStar uses Linux as the kernel.
I understand, thank you. My statement kind of assumes north korea is maintaining a fork of the kernel they patch and customize. It also implies NK is one of the few organizations that would accept russian contributions into their fork, given the somewhat limited number of linux projects operating outside of the sanctions.
Wutlol
Lol, ml. users getting wild in the comments
"Have we become so fearful? Have we become so cowardly That we must extinguish a man because he carries the blood of a current enemy?"
Hm i never coded a line in my life, but i always wondered so honest question to the experts here: is it realistic that someone codes security back doors so hidden in other bad or wrong documented code, that nobody recognizes it in OSS community? I mean code is getting more complicated and specialized, dont you need more and more human resources (more than one person and hopefully not all with a bad intention) to check over that code? If im correct you shouldnt let more code into your software than the community is able to check an validate several times... Doesnt mean it has to be russians that need to be excluded idk
Yes, not only is it realistic, it has actually happened. It's easier to write code than understand it. Even when reviewing code, you miss more or less obvious issues. Not to mention intentional vulnerabilities that can be sneaked in over multiple commits and time span long enough to make reviewers forget the larger context.
There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.
Interesting answers, thanks!
This might not be super useful if you don't write code but I always found the contest submissions fun to read and try to figure out for the https://www.underhanded-c.org/ contest.
They break down and explain the runner up and finalist for each year and how the attack works. It's usually something very subtle that most people wouldn't catch.
fremdscham++ 😬
I understand where this comes from, he is finnish but this is pretty unprofessional.
Linus unprofessional?! Surely you jest!!
Based Linus as always
are the tankies in the room with us right now
Lemmy was built by communists. you would be better served by going back to Reddit.