http://article.gmane.org/gmane.linux.kernel/706950
Again a misrepresentation in public?
--Siju
if ppl stop giving "special" consideration to security, the quality of
security enforcement could come down. Ideally we like to "clean" all
bugs. But as is pointed out, bugs are many. Prioritizing bugs and
"dealing with a strong deadline" is vitally important. classification
of bugs into domain is the most effective way to deal with them. Not
only does it help people concerned in the area to be aware..fast. but
also it helps in "discussing" it with like-minded people. Posting a
security bug in a general list will prove a little hard, as the people
may not know what meat-in-the middle, privilege escalation..etc mean.
It's just bare stupidity to "clout" the bug space by generalizing it.
One more point, The security bugs are important because the harm done
is usually "crafted", with "bad intentions" and "on purpose". It also
leads to financial "theft" and "crimes" than just the normal loss of
data or worktime(as in normal bug). You could get penalized as
abetting the crime. But a gui crash is always less severe. People can
quickly lose trust in the software and the services that depend on
them can be irrecoverably damaged. Think about it.... there are more
people engaged in penetrating, propagating security holes than filing
common bug reports.... it definitely isn't a time-waster for them.

Hats off to open bsd people... it's my second best distro for my
boundary router/firewall(if i don't use cisco that is.). My first
choice will be a kernel i "audited" myself... since i can't invest in
it... openbsd does a good job too... ;)
--
As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
- Christopher Dawson, The Judgment of Nations
"OpenBSD - proudly powered by primates' privates"
--
Fergus Wilde
Chetham's Library
Long Millgate
Manchester
M3 1SB
Tel: 0161 834 7961
Fax: 0161 839 5797
I like to think OpenBSD attracts the kind of people that come up with
their own opinions from their own experiences and don't invest too
heavily in others' before attempting to formulate their own.
In other words, who cares what Linus thinks of security or OpenBSD?
Just because he's the figure head of a very widely known open source
project doesn't mean his opinions should be glorified or are more
important.
And this is exactly why I never try to entice new users over to OpenBSD.
If they're knowledgeable and appreciate correct/secure/elegant code,
they'll find their way in time.

We like people who think for themselves and recognize what OpenBSD is
really all about. We don't want sheep.
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/
"To me, security is important. But it's no less important than
everything *else* that is also important!" I.e. there are no shades
of gray in import hence importance is black-and-white. Hmmmm...
--
Monty Brandenberg
IMO, this isn't the worst sentence in linus' interview. He has
the right to think anything about everything. He has even the
right to be plain wrong. But he should _not_ say this about
anyone:

"I think the OpenBSD crowd is a bunch of masturbating monkeys (...)"

What's the point here? If he places security in second place, that's fine.
But don't say people who _do_ think like that are a bunch of
bastards.
*yawn* linus' opinion is as interesting as his relevance.
haha, poor linus cries like a baby coz not everyone is gonna kiss his
ass these days.

of course security is not that important! there is no doubt, we've
seen numerous examples by linux indeed.

well, guess what is worse: a db server crashed and rebooted, or a db
server rooted and all valuable information sucked out of it. jeez, i
always thought that linux "wants" to get into serious game of big
servers etc., but with the leader like that?.. gimme a break.

he made my day with that comment! sorry guys for contributing to this,
just couldn't resist :-)

p.s. i guess dr. freud would find some serious troubles deep in the guy ;-)
I took the care of reading all the thread. The guy is just asking linus
why the policy about security bugs isn't being followed. Linus replies
to him telling that he does not want script kiddies to exploit the bugs. He
even says that security bugs are "normal" bugs. I think that linus
doesn't even know what full disclosure is. It's a shame for me, a linux
and openbsd user, to see the linux kernel main developer, saying things
like that. I think i might migrate my desktop machine to openbsd now.

My 2 cents,
--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
On Wed, Jul 16, 2008 at 03:45:23PM -0300, Giancarlo Razzolini wrote:
| I took the care of reading all the thread. The guy is just asking linus
| why the policy about security bugs isn't being followed. Linus replies
| to him telling that he does not want script kiddies to exploit the bugs. He
| even says that security bugs are "normal" bugs. I think that linus
| doesn't even know what full disclosure is. It's a shame for me, a linux
| and openbsd user, to see the linux kernel main developer, saying things
| like that. I think i might migrate my desktop machine to openbsd now.

I'd suggest you rethink your reasons for changing OS. If you want to
switch from Linux to OpenBSD (or vice versa, for all I care), please
make sure there are sound technical reasons for it. "The main guy said
something stupid" does not a bad product make.

Cheers,
Paul 'WEiRD' de Weerd
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
I'm still using linux and openbsd. There are technical reasons for me to
do that. The problem here isn't the main guy said something stupid. The
problem here, and this is what is making me more annoyed, is that i used
to have a point of view, and thinking of Linus as a great guy, who made
something important. He actually did, but now he is making it just plain
wrong. You know, security bugs are security bugs. The other ones are the
others. Simple like that. Linus is not just putting all of them in the
same sack, but he is also offending those who do not, like the openbsd dev
team. This is an unacceptable attitude from someone who is in the front
line of an entire operating system, and, who wanting it or not, has a
big influence, at least in linux world. So, i will not change my OS
because of what Linus said or not. I will change it because i think
openbsd is better. Plain simple like that. If i do not change, there
will be technical reasons for that, like my sound card not working on
openbsd, or something like that (mention to note, it does not work
properly on linux).

My regards,
--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
Oh he now develops code? I thought that ended somewhere in '95.
He is very good at taking someone else's code and putting that into the
linux kernel, i can assure that. My mind changed a lot since i started
using OpenBSD. I now see that the development model of the linux kernel
is flawed. I know, every model has its issues. But *the* issue in linux
model is linus himself. It's a shame.

My 2 cents,
--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
maybe it is noteworthy here that Sigmund Freud received his Dr. med degree
with a work on the spinal cord of lower fish species.
Well, shit, he's got ME nailed...
--
Systems Programmer, Principal
Electrical & Computer Engineering
The University of Arizona
marti@arizona.edu
Let me be the first to say--
Who cares?
I may completely disagree with him, but I'm not going to invest in a
flame fest over his comments.

To each their own.
--STeve Andre'
<snip>
Being here when Stallman started the last flame "nuclear holocaust" war,
I feel a weird sense of deja-vu right now.
Eheh he's right :-) If you guys get your heads out of your asses and
actually read his words with the use of some common sense you might
get what he means. It's a balanced opinion.

From what i've seen so far in this list, the BSD-crowd *is* "a bunch
of masturbating monkeys" anyway, i get much more decent reasonable
answers to my problems in any Debian list, along with constructive
criticism. Here it's rtfm and chest-thumping.

Flame away boys, so i can gingerly ignore you :)
--
Nuno Magalhães
It's a totally misinformed opinion.
which is exactly what people in the OpenBSD project do, all the time (fix
normal bugs). That's the proactive approach to security: don't wait until
you have an exploit, just fix the darn bug.

So, when he tries to say that the OpenBSD crowd has a different attitude,
I don't know who he's referring to, but certainly not me.

I don't think you have any idea how hard we're laughing right now.
It's just so out of touch with how we see things, it's beyond pathetic.

As you can see, my fellow developers took it about the same way, but
with even more sarcasm...

we don't give a fuck about security for security's sake:
free, FUNCTIONAL, secure. choose all three. Says so on the T-shirt.
That's the funniest part about this. If the attitude we have about the
issue in that discussion makes us a bunch of wanking monkeys, I'll
lend him my baboon porn. He was saying the same things we say. Hell,
reading him in that discussion without the From: lines could make me
think I'm reading someone @openbsd.org
//art
looks like the theme for the 4.4 release is sorted then.
Can we get a sticker, too?
agreed. I can barely wait to see Ty Semaka's artwork for 4.4. Definitely
it should include monkeys. And amoebas too.

My regards,
--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
I agree, monkeys should definitely be somehow incorporated into the
artwork for the next release.
ty draws openbsd developers as fish. and I think that we, the openbsd
developers, did enough to warrant a nice topic for the next release.
no need to resort to that strange monkey business.

or do you want to honour a stupid remark made by l. by making him
the main theme of our next release? I don't think so. we have
more substantial work that goes into our next release than the
stupid remark of a wanking fat penguin that all too obviously does
not understand what we do.
On Thu, 17 Jul 2008 21:37:27 +0200
Wanking Sea Monkeys, then: the oceanic analogue of fleas,
at least in the area of genital proportion ;-)

Dhu
Sea Monkeys?
I feed my fishes with sea monkeys!
guido
On Sun, Jul 20, 2008 at 7:42 PM, Duncan Patton a Campbell <
lol. Looks like someone is selling new stuff over the net:
http://www.cafepress.com/spankymm
-zamri-
I guess Linus lost his ability to masturbate for a long time huh?
--
This e-mail may be confidential. You may not copy, forward,
distribute, or, use any part of it. Note, this text has no effective
legal binding on your part, there is no obligation to abide any or all
parts of this. Treat it with the same level of care as any other
pretending-to-be-law-speaking-but-not-really texts attached to e-mail
messages you normally find on any other e-mails. For more information
about disclaimers, please see:
http://www.goldmark.org/jeff/stupid-disclaimers/
I concede your point. My agreement wasn't meant to dishonor the dev
team. I just agree with a previous statement that owning something
that was intended as an insult can defuse the intended malice while
at the same time providing a bit of mirth for the person at whom the
insult was directed.
Personally, I think it'd be a nice continuation from the theme of the 4.3
release.
I agree entirely! The OpenBSD developers should surely be raised upon
shoulders for all of their work... However a mocking sticker would be
rather awesome!

-Jim
I ask myself what happens if anyone of the FSF or GPLed people
sends at least one cent to developers, to say thanks to OpenSSH or
OpenBSD for their FREE (as beer) good software.
I think OpenSSH and OpenBSD just with these cents, will be poor more than
Zimbabwe. But ANY FUCKIN PERSON can choose what is important for HIS
project? OpenBSD chooses security, linux chooses to sell cheese kernel
with cheese buggy software.
Why is the BSD license bad and GPL good? Fuck all. Anyone can choose what
he wants. I choose OpenBSD and its philosophy...
Francesco
Jah. Wow Linus, apparently making your code such that it is actually
stable and working is not a priority? In fact, instead of not being
a priority at all it's actually considered BAD?

Linus is a nutjob!
--
Travers Buda
Don't knock masturbation; it's sex with someone I love! -Woody Allen
On Wed, Jul 16, 2008 at 2:47 PM, Nuno Magalhães <nunomagalhaes@eu.ipp.pt>
I agree. This mailing list is an oven (and like an oven, comes out
with deliciousness in the end).

Anyway, I don't think of OpenBSD as a 'secure' system, I think of it
as a 'correct' system, and security is a side effect of that that's
good for marketing. Doesn't seem like Linus gets that. I could see
Linus' complaint better applied to SELinux or any of the thousands of
"hardened" linux distros, which try to build in security after the
fact and make a big deal of it.
-Nick
It's not that it isn't a balanced opinion or that he may be right or
wrong - it's that the guy was asking why they weren't following their
disclosure policy and no one has provided a sufficient answer as to

Coming from the GNU/Linux community I felt the same way for a while.
Then I started really looking at what my expectations were versus what
they should be.

In the Linux world I had grown used to expecting something in
particular. Despite no SLA or any other type of agreement, I expected
the community to support the distribution. When I made the change to
FreeBSD and OpenBSD, I brought those expectations with me.

Then I realised that was both selfish and foolish. Now my expectations
have changed. I expect to get an install CD and whatever swag I pay
for. Beyond that, I *hope* that if I have troubles that I can approach
the *BSD community and get some assistance but I realise that that
should never be an expectation and that I'm equally as likely to get a
"sorry, I value my time" as I am to get "you should look at the -<foo>
flag" - and that either response is ok.

Actually, allow me to correct the above. At the end of the day there
is one other expectation I have, and that is to be totally thrashed
for bringing something totally off-topic or meaningless or just plain
wrong to misc@.

Marco commented: *yawn* linus' opinion is as interesting as his relevance.
I say: +1
kmw
On 16-Jul-08, at 12:14 PM, Steve Shockley
Hey but I am! Pass the banana flavoured lube!
Oook oook oook!
Now could we return to useful conversation instead of feeding the
trolls?

-Bob
debian users are masturbating amoebas
just cannot imagine how could an amoeba jerk off....
--
With best regards,
Gregory Edigarov
I try to imagine, but the amoeba splits.
Sort of like linux.
Paul.
is this really necessary? and if so why?
Yes it is. To illustrate the stupidity and pointlessness of this all.
Linus is a troll, we know, who cares?
insulting anyone is IMHO hardly ever necessary/good, trolling (of known
folks, such as linus and rms) is (again IMHO) best ignored.
On Wed, Jul 16, 2008 at 11:47 AM, Nuno Magalhães
because here, many people have spent many hours making sure tfm gives
you all the information you need
[...]
Absolutely! I find the OpenBSD man pages to be dead accurate, and
to-the-point. Typos, and grammar are considered too!

-Amarendra
On Fri, 18 Jul 2008 17:29:35 +0530
This looks like about as good a place as any to stick my 3" worth in,
tho' Nick Guenther also comes close to the mark with his comments about
system "correctness". Linus is obviously worried about something of
more than passing import, and I think that he's begun to realize that
OBSD's "correctness" extends beyond code quality and technical security.

Linux is a Utopian product that carries substantial ideological baggage
rendering its use problematic to business/commercial concerns _except_
by the largest of institutions. *BSD has a license structure that makes
it commercially safe for use by small/medium business... OpenBSD being
only the most consistent in this purpose with its development of a genuine
engineering culture and product.

Utopian endeavours all fall on their real intent to be all things to all
people, which, because of the inherent logical relationships of things like
consistency and completeness, is a fruitless vanity. Such "Complete" systems
require the deep hypocrisy of limiting "everything and everyone" in order
to function at all. In political systems this is often evidenced by
"difficult" people just "disappearing" in ones and twos and droves.

Dhu (carry on in awareness!)
