Phoronix: Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
Phoronix: Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
Phoronix: Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted
Huh. Lot of people Russian' to conclusions in this thread.
Sorry.
Shhh. Let Linus Finnish.
Ok, dad.
Sorry for liking it.
The comments under the article are a special kind of braindead.
Always is with Phoronix comments.
You find everything there from "Gnome is satanist" all the way up to pro-genocide crap.
I really don't know what it is about the site that brings out the craziest souch.
For half a second there, I was like "yeah, so glad Lemmy is more rational than that site".
Few comments later, folks be talking about "Ukranian Nazis"...
"Bcachefs sucks because I use ext4"
The absolute disregard of having any moderation is what does that. If there was any, there wouldn't be the cases like having someone be there by their third account, after the first two got banned.
Not to mention that controversy = angry people and trolls = more clicks = more ad revenue. I don't think Michael wants to miss out on it.
Yeah. Why is everyone saying this is removing their contribution credits? It's just a list of active maintainers...
This is not an unusual comment section on Phoronix, to put it mildly.
That's a fair point. I rarely read comments on news articles, but morbid curiosity overpowered my self-preservation instinct.
Banning Israeli contributers too?
Unironically I would support it
I would never. The idea that any person should be disbarred from contributing to FOSS due to the actions of their government, is incredibly exclusionary. Linus is acting as much like a toddler as daddy USA is.
Linus has never been the best communicator, but he usually speaks the truth. But this is just bonkers and wrong. Not everyone living in Russia has "ties with Russia" other than "they were born there". If this is about sanctions, he could have still just told them that. But instead he just disrespected contributors completely and then double down in it by being xenophobic.
It's really disappointing seeing Russian contributors being disrespected like this, the regime that rules Russia wasn't entirely their fault, and allegiance, nationality, and ethnicity are all clearly different things
Also, wouldn't a state sponsored Russian hacker pretend to be from the US or something anyway? No way they'd contribute code as a Russian, that'd just increase others' suspicion
I agree with Linus a lot too but I strongly disagree here. I hope he's just being made to say this because of government policies
And the most dangerous part here is the whole rethoric of "if you disagree, you are a Russian shill".
At this point it’s the Russians peoples fault.
I don't understand how sanctions can impact free software, tbh, what's free about this? This leaves a weird taste, I have to admit.
Linux foundation is a US company, and he's a EU citizen and there's companies that those devs where employed that are under sanction , hot that hard to understand
so are we okay with banning development time donated to foss because of nationality?
are these people found to support heinous shit or is this just wartime shenanigans?
Dude is Finnish, from his own mouth, it's just normal racism against an aggressive imperial, like how people hate the us
Edit: like how people from lemmy.ml hate Americans, if that wasn't clear
finland has pretty bad climate-change-exploitation-fucking-over-the-third-world dealings in my country, despite enforcing seemingly very good stuff inside their own borders so meh, id argue they aint close to the victims they make out to be. some would argue that as a consequence for having a strong socialist influence.
i have mixed feelings about them as a country, but i recognize there are plenty of good (and even well known good) people on there because of the aforementioned good stuff, linus included. for different but not that dissimilar reasons i think contemporary russian citizens should not be blanket banned from helping everyone out.
As a finn, I understand that there are probably legal reasons for doing this.
I just wish they would be transparent and share those reasons with us. The Linux kernel is certainly not the only free software project that is impacted, if this comes straight from EU/US sanctions. Maintainers of other projects have a lot of interest in what is happening.
Transparency is also important because if EU/US policy/sanctions are causing issues for free software projects, then that discussion needs to be public, so that there is a chance to amend the policies if necessary.
Politics should not be on FOSS development.
FOSS is inherently political though, but I guess you mean country vs country politics moreso than ideological politics.
That is hardcore wishful thinking, the nature by which critical digital infrastructure is developed and maintained is of keen importance to political systems everywhere. This situation was inevitable with the ongoing escalation of war
The F in FOSS stands for politics
It has to be there, because politics is connected with lawmaking, and open source software is dependent on laws.
A lot of people like to say that politics isn't in their life or that they keep politics out of their life, but the reality is that's just not true. The rules that govern society affect you, always, either with or without your input, either with or without your acknowledgment.
You're probably trying to say that we should keep pointless politicking out of open source software, and I agree, but that's going to come down to personal definitions of pointlessness.
The legal reasons was because the Linux Foundation is based in the USA and the targeted devs worked for companies explicitly sanctioned by the USA. Linus said he knew and trusted the devs he was forced to delist.
The Linux Foundation needs to relocate to some stable neutral country like Switzerland.
Switzerland is controlled by the US
Free as in... obeys US foreign policy
I'm pretty sure not just the US wants Russia sanctioned to the oblivion. All of the Europe that borders Russia wants that. Now why would it be like that?
It makes no sense to discuss here.They probably follow Russia's narrative of Europe being a puppet of the US.
In the article, Linus explicitly said that it's not just a US thing:
And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.
That's more like his opinion or a post facto justification. Turns out it is a US thing.
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
So to get back, you have to basically prove that you have no relations with OFAC SDN companies.
This update is from https://lwn.net/Articles/995186/
Everyone who disagrees with me is a paid russian troll of course. Nobody would oppose blacklisting people based on nothing but their nationality unless they were getting paid for it.
I guess it's difficult to otherwise explain the position you have? It's not like people face criminal charges in Russia just for speaking against it. It's easy to see how the state would want to introduce backdoors to most western systems.
It's extremely sad that a lot of good Russians get swooped in this. But even abroad their lives are in danger to fight the state.
I doubt if someone wants to introduce a backdoor, they would do that with a russian mailing address. People removed were open and transparent about their nationalities which means there is even less chance them being bad actors than some random guy pretending to be American.
I think you’re making up a world in your head. Who are these “lots” of “good” Russians who are abroad and whose lives are in realistically danger of state assassination? Not that it has never happened, but you’re blowing things out of proportion. Probably Russia does it at a scale roughly similar to the US.
That's true, as he said just use your brain, Russia is under sanctions he literally said that, so Russian troll is a actually very accuracy
“The imperial core is sanctioning Russia therefore you are a Russian troll.” Impeccable logic.
We're gonna start seeing large open source communities start to break into smaller ones because of sanctions from now aren't we?
You don't need sanctions. I've seen you petty fucks fork projects over a font.
They'll fight over fonts meanwhile WordPress is on fire and where are the forks?
Or a name
This sets such a bad precedent...
The bad precedent was starting a war
Arguably, ITAR set the precedent in the 1990's during the crypto wars. USians used to have to travel to Canada to work on cryptographic code in OpenBSD because their commits couldn't legally be exported.
This article gives a good discussion about a potential coming East/West political split in the world of FOSS.
https://thenewstack.io/avoiding-a-geopolitical-open-source-apocalypse/
He's gonna ban american and "israeli" maintainers too then, I guess?
Why? There aren't any sanctions for them in Finland?
Linus said it was to prevent security backdoors.
Wow, some real clown behavior from Linus.
Some old folk are reminded of https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States
Ah, the Crypto Wars...
Man, I wish he'd leave the communication to someone else. He is so, so bad at it. And this isn't the first time
The way he attacks critics puts himself in a bad light. But much more importantly, I read this and am still unsure if he has administrative/legal reason, security reasons or political reasons...
If I'd work in Russian propaganda, I'd love this so much. Hope this will not cause disruption in the community.
It is inherently disruptive. And "knowing" Linus, if he apologizes for the communication, it won't come soon enough.
Is there a specific reason for this?
Yes, the sanctions against Russia, as mentioned by Linus. The change also said the maintainers "can come back in the future if sufficient documentation is provided".
My guess is that the Linux Foundation must ensure that none of the people they work with are in any way associated with any organisation, person or activity on the sanctions list. And that they preemptively removed all maintainers that might risk violating the sanctions while they work with them to establish whether they might be covered by the sanctions or not.
Regardless of what you or they think of the sanctions, they are the law, and I don't think anyone wants the Linux Foundation to have to spend their money on lawyers and fines because they had a maintainer who also worked on a research project funded by a sanctioned entity. (If that is how it works, IANAL)
OK, that's the first reasonable explanation I've come across. I wish Greg Linus didn't reply in that kind of "angry" tone, because for some of us it's not that obvious.
Yeah, it seems like they genuinely are just trying to be compliant with the law. I do think the "anyone who has concerns about this is a Russian troll" thing is obnoxious though, knowing of the existence of sanctions doesn't mean we're all lawyers who know the requirements here for open source projects.
Underrated comment.
Compliance with sanctions from the US and EU IIRC
Sanctions apply on OS development?
I dont know ennough on the topic, does this ecen check out?
Finland is experiencing suspicious acts of sabotage and disruption and believes Russia is engaged in broad-ranging influence operations against it and other European countries
Since Linus is Finnish, this literally hits home for him, hence (probably) his reaction.
Yes, but this action sounds as effective against Russian espionage as burning any clothes that has red blue and white in them.
Nobody has stated any actual reason. Based on Linus' comments, Russophobia is the likely answer.
Phobia, by definition, is uncontrollable, irrational, and lasting fear for something. In the current geopolitics situation I'd say that it's not uncontrollable and very much not irrational. Fear, as a fellow Finn, might be a bit strong word, but it's a definetly a concern.
When I first read that I thought that the response is a bit harsh, as Russian (and Soviet Union) individuals have traditionally been a big part of open source community and their achievements on computing are pretty significant, but when you dig a bit deeper on that, a majority of Soviet era things are actually built by Ukrainians in Kyiv (obviously Ukraine as a country wasn't a thing back then).
Also, based on my very limited sight on the matter, Russians are not banned from contributing, but this is more of an statement that anyone working for the government in Russia can't be a part of kernel development team. There's of course legal reasons for that, very much including the trade bans against Russia, but also the moral part of it, which Linus seems to take a stand on.
Personally I've seen individuals at Russia to do quite amazing feats with both hardware and software, but as none of us are in a void without any external infcluence nor affect, I think that, while harsh, the "sanctions" (for a lack of better word) aren't overshooting anything, but they're instead leveling the playing field. Any Joe Anynymous could write a code which compromises the kernel as a whole, but should that Joe live in Russia, it might bring a government backed team which can hide their tracks on a quite a bit different level with their resources than any individual could ever even dream about.
So, while that decision might slow down some implementations and it might include some of the most capable of developers, the fear that one of them might corrupt the whole project isn't unreasonable and, with ongoing sanctions in place (and legal requirements that follow) the core dev team might not even have a choice on this.
In current global environment we're living in, I'd rather have a bit too careful management than one which doesn't take things seriously enough. We already have Canonical and others to break stuff way too often, we don't need malicious government to expand on that with nefarious purposes which could compromise a shit on of stuff on a very fundamental level if left unattended.
All it takes is reading the article to see why it was done. You clearly did not do that and instead inserted your own agenda.
Fuck Russia. Pretty good reason.
He just applied Russians’ favorite soviet era saying “those who is not with us is against us”
the comments on the article started off pretty good but pretty quickly devolved into a cancerous combination of NAFO and Hasbara.
Shame to see this shit from torvalds
Shit like this is why I use the most generic yankee cowboy aliases online.
He alludes to sanctions being a factor but never clarifies on advice from his lawyers. ngl I don't like the look of it just from a transparency perspective.
Probably because the advice in question was lengthy and technical (subtype: laws and legality), and the short form had the disclaimer "Please don't publish the short form because it's too much like giving legal advice.) Something similar happened back in 2012 with Project Byzantium, when we were consulting with the EFF with respect to having cryptographic libraries included in the distro.
I'd really like to see the criteria for delisting people, though. As Russia is not the only one waging wars, there are worse countries out there. I guess it all boils down to Linus being from Finland.
Yeah the kernel might end up being forked if this shit keeps going. Sanctions affecting open source software like this was not something I expected...
Nah. If anything, USian and non-Russian companies will add one or two more devs to their efforts to take up the slack. Linux is the bedrock of their revenue streams.
There may be worse countries, but rest of the word is not in a proxy war with them.
The US and EU governments have the criteria for sanctions available.
An update:
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
That sounds like an advice, not something official? Also why is an open source project affected by US sanctions? It's not an US open source project, or is it?
Hey - an explanation. Who'da'thunk it?
One of the worst news I've read lately.
Why aren't Israeli maintainers removed? Oh because linux is basically owned by IBM now.
The linux kernel isn't free anymore. It's open source, but not free.
Maybe they can contribute to RedStar instead. Is best os for great compute.
Linux is the kernel, not the OS. RedStar uses Linux as the kernel.
I understand, thank you. My statement kind of assumes north korea is maintaining a fork of the kernel they patch and customize. It also implies NK is one of the few organizations that would accept russian contributions into their fork, given the somewhat limited number of linux projects operating outside of the sanctions.
Wutlol
Lol, ml. users getting wild in the comments
"Have we become so fearful? Have we become so cowardly That we must extinguish a man because he carries the blood of a current enemy?"
Quote taken completely out of context.
The context is that a partial descendant of an enemy species (Romulans) was the victim of a witch hunt. He was half human and a starfleet officer. He had lived in the federation his whole life.
A real world equivalent example to that would be banning Americans with Russian ancestry that were born in America and lived in America their whole lives from contributing.
That is not what's happening here. You are arguing in bad faith. Picard would be perfectly fine with preventing Romulans in the Romulan Empire from accessing/modifying sensitive technology.
How does this prevent the Russians from accessing sensitive technology? Oh it doesn't! It just excludes them from contributing to Linux, not from using it.
Accusing others from "arguing in bad faith" are we?
Hm i never coded a line in my life, but i always wondered so honest question to the experts here: is it realistic that someone codes security back doors so hidden in other bad or wrong documented code, that nobody recognizes it in OSS community? I mean code is getting more complicated and specialized, dont you need more and more human resources (more than one person and hopefully not all with a bad intention) to check over that code? If im correct you shouldnt let more code into your software than the community is able to check an validate several times... Doesnt mean it has to be russians that need to be excluded idk
Yes, not only is it realistic, it has actually happened. It's easier to write code than understand it. Even when reviewing code, you miss more or less obvious issues. Not to mention intentional vulnerabilities that can be sneaked in over multiple commits and time span long enough to make reviewers forget the larger context.
There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.
Interesting answers, thanks!
This might not be super useful if you don't write code but I always found the contest submissions fun to read and try to figure out for the https://www.underhanded-c.org/ contest.
They break down and explain the runner up and finalist for each year and how the attack works. It's usually something very subtle that most people wouldn't catch.
fremdscham++
😬
I understand where this comes from, he is finnish but this is pretty unprofessional.
Linus unprofessional?! Surely you jest!!
Based Linus as always
Scratched liberals abound. It takes very liyyl3 for them to be racist and chauvinist.
Yes. What does "liberals" mean exactly?
It means supporters of the dominant ideology if capitalism, just like it has always meant.