Hi!
On Sun, Apr 30, 2017 at 01:55:16PM +0200, SK wrote:
> And it's not about money from what I've read, should read this if you
> want some more information :
If it's all just about credits, ego and personal conflict with LF - when
they the hell it affects everybody else? AFAIK Gentoo Hardened and
probably most other distributions which use GrSec/PaX have nothing with
all of this. Wanna say "fuuuu" to LF? No prob, change license to say only
listed Linux distributions may continue using GrSec/PaX for free.
This will makes it very clear sign of LF doesn't control GrSec/PaX and
doesn't punish end-users who has nothing with LF and that conflict.
But my original question has nothing with all of this. I was asking how it
possible for security-concerned people like GrSec/PaX developers to make
decisions which will leave vast majority of Linux systems less protected
than they are now? No matter because of that - money, credits, ego… -
none of these worth such a high damage to the world. And is it possible to
somehow minimize that damage. That's it.
P.S. I'm Linux user since 1994. And since that time I hear about LF twice:
read in news when it was created… and yesterday. That's because I'm doing
real work instead of playing politics. One may name it ignorance instead
and tell me if I leave politics alone it doesn't means politics will leave
me alone too… and that's true, of course. But at the end of day there is
no such thing as abstract politics, it's always about concrete people
making concrete decisions. And here we've very concrete GrSec/PaX
developers making very concrete decision to harm overall world security.
P.P.S. Leave NSA alone for the moment, because if it's all NSA then all we
can do is to hope Google or anyone else who has enough resources and good
will will just fork GrSec/PaX and continue developing it under GPL2.
And this discussion then doesn't makes any sense. There is a very small
but still non-zero chance my posts will change GrSec/PaX developers mind
about all of this, but none I can say may affects Google's decision to
fork or not to fork.
Also, if it's NSA case, next step will be to add backdoor into GrSec/PaX
(I suppose everyone realize that) which will eventually ruin Open Source
Security Inc. business anyway. So I just choose to believe this isn't the
case and no matter how strong NSA may push on them they didn't give up.
And all what's happens now has nothing with NSA.
--
WBR, Alex.
