:: Re: [DNG] grsecurity ripoff by Goog…
Góra strony
Delete this message
Reply to this message
Autor: Arnt Karlsen
Data:  
Dla: Miroslav Rovis
CC: dng
Temat: Re: [DNG] grsecurity ripoff by Google, with Linus' approval WAS: I have a question about libsystemd0 in devuan ascii,
On Tue, 27 Jun 2017 12:09:49 +0000, Miroslav wrote in message
<20170627120949.wyhvph3uxrrpxhtr@gdOv>:

> On 170627-11:06+0200, Arnt Karlsen wrote:
> > On Fri, 16 Jun 2017 16:56:24 -0400, zap wrote in message
> > <505f058b-0fe3-16b2-157d-352d4d56b15f@???>:
> >
> > > how does one remove that package without removing anything else?
> > >
> > >
> > > I mean how do you remove it from being depended on by nearly
> > > every bit of software...
> > >
> > >
> > > I want to install openrc so that is why I ask...
> >
> > ..there's hope, it would take holding the systemd fanbois
> > to the same standards as the 'clowns' at grsecurity...
> > http://www.theregister.co.uk/2017/06/26/linus_torvalds_slams_pure_garbage_from_clowns_at_grsecurity/
> >
>
> Comparing grsecurity to systemd? That's like valuing true gold the
> same as cellophane.
>
> Heads, which is one of the marvelous thing that happened in FOSS
> lately, and it happened in the Devuan realm of OSes, remains, on top
> of completely free, secured with grsecurity, and not via the Schmoog
> underhanded ripoff of grsecurity code...
>
> Paid access to test patches
> https://forums.grsecurity.net/viewtopic.php?f=3&t=4699#p17127
> (
> the recent post by Bradley Spengler, spender, the inventor of
> grsecurity; who is truthful, and together with his anonymous friend
> who goes by the pseudonym PaX Team, but I strongly believe, judging
> by communication with them, that he is just one person... actually I
> also read what spender wrote somewhere to that effect...
> ...[and together with] PaX Team, they kept fixing the kernel, fixing
> all the security holes that Mr Linux wouldn't care about, because of
> his "all bugs are just bugs", security and other, attitude, and
> worse... In that recent post Bradley Spengler, a developer whom I
> trust, openly states, and all facts, all that has happened with the
> code, on that KSPP, serves as confirmation to his words... He openly
> states:
> > Google made the choice to engage in underhanded competition against
> > us with our own code.
> )
>
> ...[Heads remains secured with grsecurity and not via the Schmoog's
> underhanded ripoff of grsecurity code] which they pay people to,
> essentially, steal from grsecurity, precisely by means of the KSPP
> (Kernal Self Protection Project or so)...
>
> But [Heads remains secured with grsecurity] via the
> baton-passed-and-firmly-held and grsecurity code honestly
> maintained...
>
> On grsec and status of heads
> https://heads.dyne.org/news/2017/04/on-grsec.html
>
> which page should be updated with a link to minipli github page...
> just as the more up-to-date Heads 0.3 announcement says:
>
> https://heads.dyne.org/news/2017/06/release-03.html
> which points at:
> https://github.com/minipli/linux-unofficial_grsec/
>
> ...and so Heads remains secured with grsecurity that appears to me
> well maintained for kernel 4.9 (but although I may work thoroughly, I
> work very slowly as well... haven't checked the latest there yet).
>
> And Heads is gold, as well as the gold: grsecurity (along with purely
> free software) that it uses. Systemd is a very-bad ware, it is some
> spyware-enabler, and other bad things it is, as all poetterware is.
>
> Just as Linux governed by the Schmoog, it that is what the future
> holds for us, will become as intrusion-enabler as the Schmoog's own
> Chrome is... Secure, yes: secure, but for the stinking Google to be
> the sole one intruder to whoever uses Chrome/Chromium. Little hacker
> fish pretty much out, only the shark Schmoog controling you!
>
> Danger greater than we think!
>
> Linus, the kernel should be taken away from you!
>
> You've already tried to give it over to NSA, back when you
> accomodated for SELinux...
> (
> Developer Raps Linux Security
> http://www.crmbuyer.com/story/39565.html
> )
> ...but grsecurity saved us back then! And SELinux is little if any
> worth by this day...
>
> And now you've been giving it over to the Scmoog! Who is going to
> save us this time when the stinking Google itself has, as, and I'm
> citing spender again, when the stinking Google has engaged:
> > in underhanded competition against us with our own code
> "us" being spender and PaX Team and their few helpers.
>
> The kernel should be taken away from under the couple Linus-Schmoog!
> Great danger there! For your own freedom, tuxian!
>
> Not the first time that I'm calling for kernel to be taken away from
> Linus. See:
>
> Why is Gentoo not switching to systemd?
> https://forums.gentoo.org/viewtopic-t-998108-postdays-0-postorder-asc-start-300.html#7624044
> where find:
> > Linus, you sold us all. Kernel should be taken away from you! In
> > whichever way. Forked, best.
>
> And Arnt Karlsen, pls. do not compare grsecurity with systemd. It's
> as bad as putting a frog next to a horse or a knight next to a
> traitor and valuing them the same/honoring them with the same respect.


..by holding people to the same standards, you get to see exactly
how they earn your respect and/or scorn, and not.

..but you make an excellent case for forking the kernel, by forking,
you get to make your own judgement override that of Linus. Etc.
E.g. because of these: https://lwn.net/Articles/703000/ and
https://lwn.net/Articles/721883/

..googling systemd error messages is how I found out "it wasn't me
falling behind on too much Groklaw'ing", Theodore Ts'o was having
similar systemd problems and had to ditch system security to work
around his problem. IMO, he may have been sabotaged by the systemd
people.

..I guess we all here trust his and Linus' judgement on systemd. ;oD


--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.