Linux kernel rapidly proceeding down an unstable path

Source: https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/

The Linux kernel seems to be rapidly proceeding down an unstable/insecure path.
Reasons for this include:

  • Linux kernel forcing adoption of DRM, including HDCP.
  • Linux kernel proposed usage of Rust (which contains freedom flaws and a centralized code repository that is more prone to cyber attack and generally requires internet access to use.)
  • Linux kernel being written without security in mind. (KSPP is basically a dead project and Grsec is no longer free software)
  • Many GNU userspace and core utils are all forcing adoption of features without build time options to disable them. E.g. (PulseAudio / SystemD / Rust / Java as forced dependencies)

Thoughts?

2 Likes
3 Likes

Not particularly surprised. Took some companies (like MS) a while but they’ve by now pretty much all figured out (except for Oracle, I guess) that simply “buying” people’s livelihood is quite an easy way to get what they want.

Hell, it’s even better than proprietary software for companies of this size, as they can get people to help with development, testing, documentation and support, for free and they get to control the development direction to a large degree! What a deal!

2 Likes

DRM support? Nothing to do with stability. Don’t want it? Don’t use it.

Rust usage? Experimental. If online crates are a risk then don’t use them, they are not a required part of writing Rust code.

Grsec being gone for the most part? Thank goodness because in my opinion those guys were crazy. They thought that everything should be sacrificed in the name of security when they didn’t even have plausible attacks to show. The kernel is 15% slower with our patches, but security!

Userspace tools have nothing to do with kernel stability. And again, if you don’t like it, don’t use it. What you’re actually complaining about here is that other people aren’t writing software to your requirements, for free. I am not sympathetic.

9 Likes

  • Don’t care. HDCP allows me to control my speakers when using the media controls on my keyboard when using my monitor as a USB hub. macOS does not, and it’s infuriating as my work computer is a MacBook Pro. It’s not like the DRM is effective anyway.
  • Rust is great. Rust should be embraced and can help us reduce the amount of memory safety bugs in the kernel. It’s honestly funny that you bring this up as a point of the kernel decreasing in security.
  • dgaf about grsec. It served its purpose in its time, but ASLR and friends are now mainstream.
  • User space has nothing to do with the kernel. As an aside, for all of its issues, systemd is so much better than the init scripts of the past.

1 Like

Preach :raised_hands:

That patch isn’t merged and I recommend you read the merge comments, their contents will be enlightening to you I’m sure.

Yes and C++ was proposed in the past and obviously shot down. “Rewrite it in Rust” is a meme for a reason. Practically every project under the sun has had random Rust zealots propose a rewrite at this point.

Security was never the goal of the Linux kernel, the goal was speed and Torvalds has stated as much. If you want a security first kernel, OpenBSD is your beast.

As someone who has a system running Linux without any one of these listed I can attest that it is a flat out lie.

7 Likes

I will only trust @wendell with his expert analysis of what’s happening with the Linux Kernel. I’d imagine that he’d say “the neck-beards would never allow it”.

tmw code of conduct isn’t a concern anymore.

ok

1 Like

DRM has nothing to do with stability? Are you kidding…
From https://www.defectivebydesign.org/:
DRM only restricts and punishes those who have acquired their media legally through DRM-encumbered platforms. Even authors, along with independent labels, studios, and publishers suffer. When a distributor gains significant control over a particular market, DRM enables them to lock in their customers to their platform. Once customers are locked in, so are labels, studios, and publishers. If an independent publisher wants to switch away from a DRM-encumbered distributor, customers might have to re-purchase their media on the new platform. As with any instance of monopolization, businesses which dominate a market can arbitrarily dictate the price they charge, as well as the price they pay for media, because suppliers are dependent on them. Without DRM, users have control over their own media such as where, when, how, and on what platforms they choose to use their files.
DRM is not about limiting copyright infringement. Such an argument attempts to make DRM appear beneficial to authors and is based entirely on a (very successfully advertised) misrepresentation of DRM’s purpose. To illustrate the absurdity of the argument, consider the nature of file sharing: to obtain a copy of a file without permission, downloaders go to a friend or a file sharing network, not a DRM-encumbered distribution platform. If DRM existed only to prevent unauthorized sharing, every distribution method for that particular piece of media would have to be distributed by an uncrackable DRM-encumbered distribution platform, which is impossible on its own. So long as one copy becomes available without DRM, countless more are easily produced. Industry proponents of DRM are well aware that DRM is not a copyright enforcement mechanism. DRM is only marketed as a copyright enforcement mechanism to mislead authors into tolerating and even defending it. If we want to avoid a future in which our devices serve as an apparatus to monitor and control our interaction with digital media, we must fight to retain control of our media and software.

Why would any organization that is in favor of free software ever introduce support for something like this?

I remember when systemd used to be experimental, now almost every major Linux distro has it as the only option.

Yeah, security doesn’t matter, give me speed, I will think about security when the attacks start happening. No attacks yet? Who cares about being proactive, we will think later about it.

That’s a strawman if I’ve seen one. Userspace tools have nothing to do with kernel stability? Come on at least make an effort to think in terms of second order consequences. Gnome adopting and forcing systemd under Red Hat’s pressure basically started a whole new era for Linux distros that don’t fit the unix philosophy. What a great precedent, now let’s add DRM too. I didn’t choose Linux because I wanted a free (as in no cost) Windows…

systemd effectively mandatory now due to GNOME
https://lists.debian.org/debian-devel/2013/10/msg00578.html

Being a meme doesn’t really make it better, organized Rust lobbying will eventually lead to some results and then it will be too late.

Yeah I am familiar with Torvalds’ “security problems are just bugs” philosophy. Honestly it’s nothing special. I think he’s so biased against proactive security that he’s starting to overlook or disregard important matters.

That’s not at all what the text said…
Sure you can have Gnome running under OpenRC as is the case with Gentoo for example, and sure you can rewrite all the core utils to not depend on those features. That doesn’t mean it’s a lie. It just means it’s still free software and people who care are willing to do something about it. The fact remains that many core utils are indeed forcing these features without the build time options to disable them.

Is that how you make your decisions?

Isn’t the answer to your problems very simple? Just make your own version of the kernel!

3 Likes

Lol yeah, why stop at the kernel, I should make my own world too.

1 Like

No one’s stopping you. ¯\\\_(ツ)\_/¯

2 Likes

hashtag redox os

1 Like

Hey, Terry Davis has been re-incarnated to save us all!
Thanks man

So when small start ups utilize open source contributions, it’s good. But when large companies do it, it’s bad?

:point_up:

I admit I was hooked in with my own overzealousness a few weeks ago when I heard about Hyperbolic Linux BSD. But when I saw the DRM stuff can be enabled with flags, the Rust stuff is stuck in PoC, and PulseAudio being an obvious yes (do you want to live in a modern world or nah?)

I also lol’d at being mad at systemd. “But systemd isn’t Unix Philosophy!!!” GNU == GNU’s not Unix.

GNU’S NOT UNIX

1 Like

My thoughts are you ripped this from the Hyperbola Linux update and didn’t cite your sources.

Learn to think for yourself.

2 Likes

It literally never has led to anything. This is just FUD

His approach to security has always been the bare minimum, as far back as version 1.0
Nothing has changed here.

How often do you compile coreutils, because I can tell you from experience that there is no dependency on sysd, pulseaudio or anything other than C for that matter.

2 Likes

Bro, C is from Bell Labs, I don’t need big corporations in my software.

7 Likes

that’s right, I refuse to use a computer that wasn’t made with sticks and mud in my backyard

1 Like