On Sun, Apr 25, 2021 at 6:01 AM ac via talk <talk@gtalug.org> wrote:
It is EVIL to represent yourself as something you are not.
Agreed and once again these are just 'my' layman thoughts on this. Misrepresentation I feel and think is forgivable ? We have all done it at some point on our lives ? Me without knowing I was actually doing so and was rather abruptly and suddenly made to realise this. I apologized, they accepted. No harm done, we moved on - together! But pre-meditated and strategically planned careful introduction of vulnerabilities into the kernel is most definitely not. So like I said before we find them and we shoot them. The community are justifiably pissed-off me being one.
I am sure there are many who would like to see the operating system which drives the Internet, FAIL on a desperate and massive scale.
There will always be such people. We need to work in unity and solidarity. And that work is based on trust. And when this trust is literally shot to hell well... we shoot them again ?
It is EVIL to knowingly sabotage open source in this manner.
Agreed 110% again.
I hope and wish that ALL Opens Source Programmers BAN University of Minnesota for LIFE.
Umm.. that is extreme ? Two people did this ? These two people do not make up the University ? And there have been earlier patches made in good faith that so far seem legit and vulnerability free ? Again if an academic institute is able to submit 'useful' patches that 'fix' real problems that should be welcome ? But then I understand no one will ever trust anything coming from Minnesiota ever again.
I am sure that there are many Nation States or LARGE corporations that has, in the past, infiltrated many open source projects in this same fashion and I am sure that they are all EVIL for the damage and destruction they cause to human freedom on a planetary scale.
Deception, power, control and narcissistic. Hire these types of people?
Hell No!
Listen, do you remeber one of Linus's most famous quotes ? He said and I quote: "See, you not only have to be a good coder to create a system like Linux, you have to be a sneaky bastard too." So all I am saying is these two 'gentlemen' who introduced the vulnerabilities that can be exploited at a later time knew what they were doing so we can learn from them, document everything, analyse and ensure this does not have a wash-rinse-repeat pattern ? And we can always shoot them again after we find what we need to know ? Forgive me I did some digging and the reason was I really wanted to know 'where' this 'passion' was coming from. And what I find says you're from South Africa and the email came through Germany ? Hell GTALUG has people all over the planet ? Yikes..
They, and their institution, are now known worldwide for being ethically challenged.
You and me both want them dead but calmer minds ( like GregKH ) will prevail :-) In solidarity - Aruna
On Sat, 24 Apr 2021 11:55:00 -0400 Aruna Hewapathirane via talk <talk@gtalug.org> wrote:
Hello Everybody,
I am still trying to understand the reason 'why' would anyone even want to do this ?
Here is some context:
https://portswigger.net/daily-swig/ill-advised-research-on-linux-kernel-land...
And follow up from Linus himself:
https://www.tomshardware.com/news/linus-torvalds-responds-to-linux-banning-u...
I am also thinking if these two guys actually managed to do this they should be part of the community responsible for linux security ? Or we just hang them high and pour honey all over them and set loose bees and wasps on them ?
I am torn two ways. My heart says shoot them. My brain says hire them ? Sigh...
Just thought everyone would want to know so sharing :-)
Aruna
--- Post to this mailing list talk@gtalug.org Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk