from 0x4E4F@infosec.pub to linux@lemmy.ml on 24 Oct 14:25
https://infosec.pub/post/19267276
Official statement regarding recent Greg’ commit 6e90b675cf942e from Serge Semin
Hello Linux-kernel community,
I am sure you have already heard the news caused by the recent Greg’ commit 6e90b675cf942e (“MAINTAINERS: Remove some entries due to various compliance requirements.”). As you may have noticed the change concerned some of the Ru-related developers removal from the list of the official kernel maintainers, including me.
The community members rightly noted that the quite short commit log contained very vague terms with no explicit change justification. No matter how hard I tried to get more details about the reason, alas the senior maintainer I was discussing the matter with haven’t given an explanation to what compliance requirements that was. I won’t cite the exact emails text since it was a private messaging, but the key words are “sanctions”, “sorry”, “nothing I can do”, “talk to your (company) lawyer”… I can’t say for all the guys affected by the change, but my work for the community has been purely volunteer for more than a year now (and less than half of it had been payable before that). For that reason I have no any (company) lawyer to talk to, and honestly after the way the patch has been merged in I don’t really want to now. Silently, behind everyone’s back, bypassing the standard patch-review process, with no affected developers/subsystem notified - it’s indeed the worse way to do what has been done. No gratitude, no credits to the developers for all these years of the devoted work for the community. No matter the reason of the situation but haven’t we deserved more than that? Adding to the GREDITS file at least, no?..
I can’t believe the kernel senior maintainers didn’t consider that the patch wouldn’t go unnoticed, and the situation might get out of control with unpredictable results for the community, if not straight away then in the middle or long term perspective. I am sure there have been plenty ways to solve the problem less harmfully, but they decided to take the easiest path. Alas what’s done is done. A bifurcation point slightly initiated a year ago has just been fully implemented. The reason of the situation is obviously in the political ground which in this case surely shatters a basement the community has been built on in the first place. If so then God knows what might be next (who else might be sanctioned…), but the implemented move clearly sends a bad signal to the Linux community new comers, to the already working volunteers and hobbyists like me.
Thus even if it was still possible for me to send patches or perform some reviews, after what has been done my motivation to do that as a volunteer has simply vanished. (I might be doing a commercial upstreaming in future though). But before saying goodbye I’d like to express my gratitude to all the community members I have been lucky to work with during all these years.
threaded - newest
byeeeeeeee
What pisses me off the most about NAFOids is the absolute and constant pettiness.
.
You’re welcome to fork Linux at any time 👋 see ya!
It still boggles my mind why Israeli maintainers are still in the kernel 🤯.
Next up, maintainers with red pubic hair.
Later in that thread:
But folks who work for US companies building weapons for Israel are totes okay?
It’s honestly fucking wild that an internationally developed open source project has to play by the US government’s rules when the US government is out here helping commit genocide right the fuck now.
Like, look in the fucking mirror on this why don’t you.
Maybe the better rule is that if you work for a company that produces weaponry for war you shouldn’t be allowed to contribute, period.
You may be amazed to learn that there aren't many international sanctions against the USA at this time, but I imagine you could probably get into legal trouble for collaborating with Americans if you're in, I don't know, North Korea maybe.
US isn’t helping fund a genocide in Israel or anything! /s
Address your complaints to the government of the USA. Or, if you have the right to do so, cast a vote in the upcoming election there to prevent it taking a big step in the opposite direction from a world in which it might consider anything like similar sanctions against Israel.
“Write a stern letter to a foreign government” and “Vote against ‘very probable 101% genocide’ and for ‘proven 100% genocide’” are some weak tea, and beside the point being made.
Your particular complaints are better addressed to almighty God I suppose. So long as you don't blame linux kernel devs for them it's all the same to me.
Oh look, a bad faith argument about the upcoming election from someone who I’ve tagged for making bad faith arguments about the upcoming election. Fun.
You may be amazed to learn that the reason there aren’t many international sanctions against the USA at this time is not because the USA is a beacon of peace, freedom, democracy, and national sovereignty. Because the US is very much not that.
Well it’s by far the biggest economy in the world and the whole world uses the tech developed in the US. sanction them and they could cut off your access to technology.
That’s beside my point, but since you brought it up, the US is not the world’s largest economy, and China & Russia seem to be doing alright despite US sanctions, including technology sanctions. The US is no longer the indispensable nation; that ship sailed a while ago.
It’s crazy how the US Treasury isn’t sanctioning companies for working on US government approved contracts. /s
It would be if Blinken weren’t burying government reports proving that it legally must.
Israel Deliberately Blocked Humanitarian Aid to Gaza, Two Government Bodies Concluded. Antony Blinken Rejected Them.
Then it would be sanctioning Israel, not defense contractors.
Yes and? You keep arguing against things I’m not saying.
I’d be perfectly happy if we told Bibi to fuck off. But the US government isn’t going to impose sanctions on itself.
The genocide has such wide support in the USA community and defense companies ( irregardless of the louder minority of people protesting it)
That if there were justice, then many other people and organizations would have similar treatment and be kicked
We can’t get away from politics, or limits, but if I will point out the hypocrisy
I feel a little bad encouraging the what-about-ism here but: Genocide actually does not have majority support in the US. Most polls show a majority of the public opposes genocide and what Israel is doing right now.
It’s a minority that supports it.
With that said, that’s not really related to the situation with the Linux kernel developers.
You’re right, it has shifted. I looked at the polls week overall it’s split into thirds. 1/3 for, about the same against and the balance not sure or don’t know
However I think a majority of older adults still support the crimes, as well as more conservative voters. But that is ordinary people. Government and defense firms are pretty dirty right now.
pewresearch.org/…/slight-uptick-in-americans-want…
What are you even trying to say here?
Do you think you’ve unraveled some massive conspiracy simply by learning about the existence of Western hegemony?
Wow, I didn’t know that being a Linux/open source contributor meant you don’t have to follow your country’s laws.
It’s developed internationally but devs still reside somewhere and have to abide by the rules at that place. Linux in this case being represented by an US entity means they have to follow the gov’s sanctions. If you want more or less of those, that’s where (the government) you act.
This isn’t about them being kicked out, this is about the fact we don’t know the process that resulted in this. Was this a decision Linus made after a night coding and thinking about the world? Was the foundation ordered to do it?
It lacks transparency into the process even if the outcome is fine and the way it was done doesn’t feel transparent, even if it makes sense not to include Russian coders in the project.
This is something I can actually get behind on.
But, you see, there is just one teeency weeency tiny problem with that. They spend trucks of cash on whatever they deem will give them what they want, including funding organizations that they profit from.
Who here said this?
Nobody directly just them pointing out the optics of the situation.
No, you are making strawman arguments and using whataboutism in an attempt to deflect.
You a bot or something? I’m not the OP.
Yes. I am a bot for not paying attention to user names and assuming that the commentor who defended the comment I replied to, was the same person that made the original comment.
Ironically it’s a very human error to miss a username change.
You want the World Bank to bail out your economy post-pandemic, you gotta accede to some tough demands
Which is exactly what anyone who wasn’t wanting to just snort some concentrated outrage knew was the case.
And you can argue as to if OFAC list should apply to things like this or not, but the problem is that the enforcement options for OFAC violations include ‘stomp you into the ground until you’re powder’, most people are just going to comply.
Also from that thread.
US law CAN’T apply on foreign ground, period. Nothing can. Just because they can bully their way around that, doesn’t mean they are right.
And it should be only fair that Israeli maintainers be removed as well.
They should also rethink their infrastructure policy and whether they still want it on US soil.
This is all wishful thinking, I know, but this just goes to show you how they have absolutely no backbone whatsoever. As if anybody is gonna touch the Linux kernel and jeopardize the safety of millions of systems. We all know that is never going to happen, but they still bent over for the US… so typical… just goes to show you how little backbone everyone has, including Linus.
Oh, and don’t get me started on the Russia/Finland history comment…
If the company is in the USA they can restrict who you colloborate with. They also can control what you export as a oftware product under ITAR/EAR rules. It is why when some encryotion work had to be done the devs crossed the border into Canada to work on development, because under USA law encryption code is a controlled export product even if opensource
Then why in the hell was the LF founded in the US? That is something that clearly needs explaining. For example, Sweden is a much better place to do these sorts of things, their software laws are very liberal.
Some of these things need to be rethought if you ask me, this is not something that should be left like this. If no one in the kernel, including Linus, doesn’t see a serious problem with “we have to move people around to code”, then most of these people are probably braindead… I’m sorry, but if it was me, once I found out I had to move devs around to code, I would have been “fuck this we’re moving the foundation”.
Thats a good point. I think its probably because most of the corporations who fund and contribute to the kernel are American, and coordinating financial and physical contributions would be complicated across borders. Just a hypothesis though.
But moving people around to code isn’t 🤨? I’m sure it far easier to justify a donation than to book plane tickets and find places for the devs where to stay. And to be perfectly honest, the whole point of open source is “you can contribute from anywhere”. The first time I would’ve encountered the move people around problem, I would have been “this is not the point of open source, it goes against the very spirit of it, we have to do something about this”.
You might be surprised to learn that Sweden also has sanctions against Russia, together with the rest of the EU, Norway, Switzerland, Japan, Australia, South Korea and a bunch of other countries. Because this is not about the US being an ass, it’s about Russia being an ass.
I wasn’t saying that Russia is not an ass, I was just saying that the whole point of open source is that it’s above borders and nationalities, religion, sexual orientation, etc. It should be an imperative to keep these core values, not bend over backwards when even no warning has been issued, which I’m fairly certain it would have never happened. And on top of that, Linus’es reaction to them being Russian, I mean… come on!
Where does this idea the open source is not political and above boarders. Open source is very political in its nature.
Political as in freedom to contribute, not political as in “we’re banning devs because they work for someone we don’t like”.
@0x4E4F @Auli I think it's a bit more like, "We're banning specific named individuals from being maintainers because they work for companies on an international sanctions list."
Even if that is the case, that doesn’t mean that their code or the code they approve is garbage. I don’t care who you are or who you work for. What you do in your life outside of open source is your own business. Quality of code is what matters in open source.
I’m sorry but that is absolutely not “the whole point of open source”.
The point of open source is the ability to read, modify, keep and share the source code of the software you use.
These projects are so big and complex that even with open-code a malicious actor is sometimes able to insert damaging code. Who suddenly made this decision? Did the US government order them to do this? If the US government can order them to do this, can they order the elevated coding status of a “benevolent” contributor on the US government payroll who is then ordered to put in a very hard to detect exploit? Open code doesn’t mean exploit free, it means exploits are more likely to be patched.
May I suggest you spend more effort understanding the situation, and less coming up with wild speculations?
You don’t get it. It’s the lack of transparency about kicking these people out, not the kicking these people out, that is the problem. Who made the decision?
It makes sense to sanction Russia for being an ass but the way this was done doesn’t feel open, and many people sense it.
I agree it might be better elsewhere. (Like how my preference is Protonmail being hosted by a neutral country based company) But so I don’t mislead, my encryption example was generic, not specific to linux kernel…however any novel encryption does have to be noted to NSA and other organizarions in the USA. Canada has something similar but it appeared less strigent, and adjustments have been made between the bordering countries. I personally diaagree that encryption should have government hand in it, it solves nothing. A foreign state actor wanting to send encrypted communications to overthrow another entity isn’t going to follow software laws anyway.
I also use Protonmail because of this. Sure, the free plan is not really great, but I only keep important stuff, so I don’t get over the 500MB limit, I delete or archive the rest.
That may he true, but only if you’re a US citizen. For example, my country doesn’t have such regulations. In the end, if it’s open source, it shouldn’t matter whether I report stuff like that to any organization. It’s open source, look it up, it’s on a git repo online freely for everyone to review the code.
Exactly. As if hacking and DDOSing are legal 😒. It’s just throwing money away on some people doing pointless things.
On the other hand, having a ln encryption technologies taskforce makes sense IMO. Watching over what’s going on in the open source world regarding cryptography, yeah, that is something that can actually be useful… for the country’s cyber-security I mean.
Don’t know if it would help as there are international sanctions against Russia.
Not everywhere. I seriously doubt Cuba has sanctions against anyone.
It would be much better if the company were not in a place in which gag orders can be issued, leaving questions as to transparency.
As it stands now, it isn’t clear if Linus is just “grouchy” about this with a unique personality or if the foundation got a NSL and can’t say anything. And that leads to questions about whether there were other NSLs other than this one and if it’s had an impact on the code.
Exploits are so hard to detect sometimes if done well and often although they get patched… eventually… the damage is done prior to the patch. The US government, despite doing lots of good things, engages in torture. And even if the US government is the “good guy,” this leads to less trust in the open-source ecosystem, no matter what the justification.
Does everyone here just not understand how international sanctions work?
As someone with a STEM degree in a STEM field, I’m consistently bummed out by how clearly silo’d my colleagues’ educations were. It is so plainly obvious as soon as you try to have a conversation with them about anything outside of their area of expertise.
And don’t bother trying to correct or teach them anything, because in their minds, they’re smarter than you, and you have nothing worthwhile to teach them.
This thread is full of software engineers with just no concept of how society functions, or even a basic understanding of the geopolitical context of any of this.
I mean, if you’re in a STEM field you really should understand how sanctions work because they matter to your work and, thus, to you.
Yeah, well… Look around
It wasn’t so long ago that Java developers had to download the unlimited strength cryptography extensions separately from the main Java development kit because of export restrictions involving encryption.
Edit: Links for the curious.
The whole idea of open source is that you can contribute without restrictions and regardless where you live.
That is not the whole idea. The whole idea is you can see the source code. There are plenty of Open source projects that are only one person and they don’t except help from anyone.
That’s shared source, look it up, it has nothing to do with open source.
I don’t think free software/open source has ever guaranteed the ability to maintain a specific project. Only the freedom to modify the software. They haven’t been stripped of that core freedom from the GPL which is the closest thing there to what I think you’re talking about.
They have been stripped of a role because of a thing that has nothing to do with their competence to contribute to the project. Quality of code is all that matters in open source, not who you are or who you work for.
Philosophically I agree, but legally the reality is different.
The reality is that there are many other wars around the world, yet the Russians are the only ones getting sanctioned. They should set an example by sanctioning everyone that currently works for a company that enables any military. Maybe then the world will see how stupid this whole thing is.
I’m not talking about what should versus shouldn’t happen.
Israel is not against the US at this point. Russia and the US are in a war with Ukraine being the middle man. Look at what the US did to Hauwei sanctioned it and forbid any us company from doing business with it. Basically none of the world could use the phones. All the tech the world is using is American so they get to say what any country can do.
What? Almost none of the tech where I live is from the US. Not to mention that Samsung is the biggest contender to Apple in the US and they’re more or less 50/50 with market share ATM.
The US is losing the war on world domination, something they were winning the past century or so, and they don’t like that. That’s basically the only reason any of this is happening. The war is just an excuse. As always, they would rather have Russia and China out of the picture than having to compete with them… because they can’t, especially not with China.
Oh hey, a reasonable comment here that actually has a decent score… These comments are wild. But given the recent… I’ll just say, conspicuously pro-Russian, turn this site seems to have taken in the run up to the election, it’s not exactly a surprise.
I’m shocked I didn’t get downvoted to shit myself.
It’s just that it was VERY clearly either sanctions or a NSL, since the Linux Foundation is in the US and the two things that result in a public entity like that making silent, un-explained changes are, well, sanctions and NSLs and you don’t say shit because your lawyer told you not to.
I don’t necessarily agree that tossing contributors off an open-source project is in the spirit of the OFAC list, but the problem almost certainly is that they’re employed by some giant tech company in Russia.
And, in Russia, like in the US, and Israel, and China, and anywhere else you care to mention, tech companies are almost always involved in military supply chains, since shit don’t work without computers at this point.
Which leads to a cycle of being unable to work with Weapons, Inc. and someone works for Weapons, Inc. so now that person can’t be worked with either and so your choices are… comply with the OFAC list, or take a stupid amount of legal risk up to and including angry people with guns showing up to talk to you.
We really don’t know the whole story and immediately jumping to “Imperialists bad!” is how certain chunks of Lemmy roll these days.
I think they’d be much happier if they all moved to North Korea and helped achieve the goal of Juche by becoming dirt farmers.
Smart dude. He knows exactly why. To pretend that he doesn’t is a sham. This whole “I don’t know whyyyyyy” face he’s put on is an absolute facade.
It’s odd your racism is this out and open.
“Russian Sanctions” due to Russia invading a peaceful nation and killing Ukrainians is not a race of people.
Russia is a country. Not a race.
Individual random people are not mentioned in the sanctions and have little to nothing to do with the state, just like the US. The foundation kicking out US maintainers during the Iraq war when the US was indiscriminately killing over a million Iraqi civilians would have been equally ridiculous.
So no, they don’t and shouldn’t have assumed this is due to sanctions. It’s free software they volunteering to help. There is no profit motive. They are not state actors. And most importantly to you,not all Russians are bad evil whatever slur you want to call them, you racist.
Linux has a lot of cryptography related to it, so yeah - it’s sanctions related. And these maintainers were all people who were contributing from within Russia or have ties to Russia.
The Russian troll tactic of calling someone racist to get them to back down from an argument is hilarious so I’m gonna just go ahead and agree with you. I’m racist against war. I’m racist against human suffering. Oh no, I’m such a racist. Oh no whatever will I do?
Oh that’s right, I’m gonna live my life and be happy about opposing Russian aggression against the Ukrainian people! Slava Ukraini
Good for you, these people, like yourself, have nothing to do with the Russian state, assuming so because of their race and nationality is racist.
Thanks for playing, conservative.
.
Living in a place does not mean you have anything to do with the Russian state, assuming otherwise due to someone’s race is racist.
Russia gets sanctioned. That means all its inhabitants as well. Too bad, so sad.
Oh, are you an expert on Russian troll tactics? No, you are not. What you are is a conspiracy theorist.
Frankly I’m losing my patience with this lazy, bullshit, thought-terminating cliché.
It would be nice to also be racist against the Israel/Palestine conflict as well… or any other conflict, wouldn’t you agree?
It’s weird how you somehow managed to single that one thing out, even though my comments already included it. That’s so silly. It’s almost like you have some sort of agenda or something…
Pretty sure what I said was CRYSTAL clear.
I may not have noticed all of your comments, I was only quoting from this one, which doesn’t mention anything else but Russia/Ukraine conflict. On the other hand, I mentioned “conflicts in general”.
And cryptographic data has nothing to do with the sanctions, the sanctions are purely monetary investment related, which also has nothing to do with intellectual investment, but LF decided to include that anyway, just so that they be “good little soldiers” and not get in any legal problems.
What definition of race are you going by?
Oxford dictionary: “a group of people who share the same language, history, culture, etc.”
Merrian Webster dictionary: “any one of the groups that humans are often divided into based on physical traits regarded as common among people of shared ancestry
Also: a group of people sharing a common cultural, geographical, linguistic, or religious origin or background”
Are you really still using debunked race science concepts in 2024?
Just because you group people based on a different construct does not mean you aren’t racist. What’s next, islamophobia is okay too?
Of course not.
But I sure as hell might start asking questions like “yo, where you from” on PRs… because Linus made that OK, so… IDK, I don’t really like US citizens and Israelis, so… oh why the hell not 🤷. /s
Which is great that we’re not talking about groups of people, but national lines on a map, cool how that works right?
They are under the jurisdiction of the Russian government, that makes them Russian. No matter if they’re from China, Africa, or Tim-buk-tu for all anyone fucking cares. Countries – are – not – people.
Racism requires you targetting – get this – a group of people based on their shared identity. None of these people have to have whatever identity you’re assuming they have, because they simply have to be…TADA – IN RUSSIA.
If I hopped over the border into Russia, I’d agree with not being able to access this stuff – Oh now, I’m being racist against myself! But hey, can’t logic someone out of a position that they didn’t logic themselves into in the first place.
We are actually talking about a group of people - banned from contributing to open source for being Russian. Read the post again before embarrassingly framing your sentences like a smartass.
Not for being Russian. For being IN Russia. Jackass.
If an African immigrant were there, he’d be banned too – If a chinese guy were there, he’d be banned too - it has nothing to do with race and everything to do with nation and location.
I linked the mans github, which SAYS he’s in Russia, and mods deleted it.
Let’s not go overboard.
.
It’s different, don’t you see? Those were peaceful bombings! /s
Of course, if you’re living in Russia, it’s dangerous to state anything other than support for Russia’s invasion of Ukraine.
That doesn’t mean it isn’t cringeworthy to watch someone awkwardly dance around it, trying to ignore it while complaining about (checks notes) losing a bit of reputation over an unnecessary war that their country started and which literally cost thousands of lives.
Any Russian who stands up against that is incredibly brave. The others, just different levels of sad. Non-Russians who support Putin are the worst.
I understand why you’d want FOSS to not care abot borders, wars and politics and that is noble. But to call this comment racism, comes across as a veiled show of support for Putin. As if critiquing his invasion is a racist act that hurts the Russian people. Putins invasion is hurting the Russian people. Not this comment.
I bet you wouldn’t have the same response if Israeli maintainers are being removed.
Bet you I would.
We will never know since it will never happen.
Then why are you here using it as an argument?
No, I’m just trying to point out how ridiculous this whole situation is and that it was handled by the LF, and especially Linus, in the worst way possible.
You couldn’t be more wrong. 🍉🍉🍉
Unfortunately, we would never know.
In all honesty, I’m fairly certain at the very moment he found out about it, he was puzzled. But, after reading 10 other Russians got removed as well, I’m fairly certain he knew, but wanted proof and closure. I would like both as well to be honest.
It sucks if well meaning people are caught up in this, but it also sucks if you’re living in the aggressor state of an ongoing war.
Yeah must suck to live in Israel.
Not as much as living in Palestine or Ukraine.
I don’t want to defend Israel, but their current war is a defensive one, no?
So shouldn’t this also include the US and the many countries (most of Western Europe, plus others) involved in coalitions bombing the middle east and elsewhere?
Yes, if the issue was a moral one. This issue, however, is a legal one.
Then it isn’t about living in an aggressor state, is it?
It is but doesn’t mean it has to apply to every country equally. This isn’t a movie everything isn’t black and white. We had a nice run where everyone was working together or are last tolerating each other, it was peaceful. But the US Russia and China are drifting further apart and becoming less reliant on each other, which sadly means it’s not going to be as peaceful going forward. Also they are not going to tolerate each other as much China Russia already have their versions of Linux distorts just imagine there might be more differences in the future.
At which point was it “peaceful”? The US invaded 3 countries around then and bombed and couped many more. Millions were killed.
Yes this will eventually lead to forks due to the US forcing decoupling. It is a highly aggressive terrorist state.
Whataboutism isn’t a very convincing argument.
It is if you’re biased.
I’m not biased and I’m not picking a side, but there is a lot of whataboutism is this thread and I stand by my stance that it is a weak argument and a logical fallacy.
US and EU double standards is what this whataboutism is all about. I can state this for a fact, since my country is also in this pickle because of EU double standards. And it is constructive if you have a valid reason to raise the issue. There is a valid reason to raise this issue.
And hypocrisy is even worse.
Can you use your own words to demonstrate why my argument isn’t convincing? What’s not convincing is throwing around the word “whataboutism” and thinking that’s an argument.
Yeah probably… But that’s a separate discussion isn’t it?
How is it a separate discussion?
Because this isn’t a post about the results of sanctions against the US?
No it isn’t. Read the comment I replied to.
These people allegedly work for companies that work for the Russian war machine. They will regain privileges if they don’t work for them. So if they find a moral job, they’ll be treated morally.
.
There have been more people removed than just the ones with .ru.
The commit also reads this:
Are they legally bound to follow any sanction list in their dealings? If so Linux foundation should consider move out of the US jurisdiction, because the santion load is just going to increase and more countries will be included.
If they are just doing this because of a political fad and partaking “the current thing” then they are just voluntarily digging their own and the linux foundation’s grave.
Not to mention more stupid shit, like not being able to visit the US if your wife is Russian, cuz… you know, you might be a spy.
My 2 cents. Nobody is asking them to do anything… yet… and they probably never will, but… they’re scared shitless and they would rather comply, even for things no one is asking of them yet and is dubious whether or not they’re even covered by the sanctions, than show some backbone.
Here’s an idea: don’t invade sovereign nations unprovoked.
(Can’t wait for the inevitable “whatabout America?!” reply. Yes, America is shit too and we deserved to be punished for Iraq… Unfortunately there wasn’t really any international authority that could do it)
That is a great idea! Unfortunately, not everyone has a say in that, especially mere mortals… you know, people like devs.
There is, the UN, but they silent, as always… at least regarding the US. We all know why…
Sure but they are working for sanctioned companies. Which from comments in thread are part of the Russian war machine. They do have that choice.
‘Russian war machine’ - is this perhaps similar to the ‘US Military-Industrial Complex’ that happily delivers bombs to IDF so they can slaughter women and children? It never bothered the peace-loving Linus enough to restrict military use of his kernel…
Let’s say that this company pays the best $$$ and that you really need money for… whatever… now, let’s reverse the roles and this person is working for a company that has contracts with the US military during the time of the invasion of Iraq.
See my point… there would have been nothing wrong with that, but all of sudden, it’s a problem if Russians do it 🤨…
Where should they move to? Countries that aren’t sanctioning Russia right now are likely to be… problematic? in other ways. But I am also pretty ignorant about which countries are on that list, and I would like to know more.
Maybe they need to become pirates on international water…
there are a number of countries that are neutral and unlikely to sanction anyone else, though one might argue about their democratic credentials, with a minor or major stretch. brazil, mexico, chile, colombia, costa rica, uruguay (just to name a few in latin america), andorra, malta, san marino, india, south africa…
Switzerland?
Switzerland is sanctioning Russia.
The US is not the outlier, here.
Linus chose to move to the US as well to become a US citizen.
To be fair he never claimed to be an idealist.
Also he is anti Russian himself as he made clear in his first comment in the thread. So being forced to remove them is probably a bonus for him.
.
Are we going to remove Israel maintainers from the list since IDF soldiers are using Palestinians as human shields?
Oh, no, because US is okay with that genocide?
It’s really more about how clearly fucking hypocritical it is.
So you think they’re against the invasion of Ukraine, and would like to see Israel hit with sanctions as well?
Because that wasn’t the impression I was getting.
I think we can all agree that what Russia and Israel are doing is horrific. Israel should be sanctioned as well, rather than letting Russia off…
That’s literally what I suggested elsewhere here: If you work for ANY company in ANY country that produces weapons for war for ANY government, that they shouldn’t be allowed to contribute.
Because that at the very least would be consistent.
Wouldn’t that stop nearly every country from being able to contribute?
Sounds like a convoluted way of saying to just let the Russians off, veiled as some over the top “consistency” argument.
Maybe let’s do that tho, and just start with Russia 😆
Way to purposefully misread it.
The whole issue is that the Russians work for companies with sanctions against them.
So, treat all companies involved in war the same way, and you’ll never run into this hypocritical issue again.
There’s plenty of companies (like Valve) who don’t directly produce weapons of war or have contracts with their governments for war-services who contribute to Linux that could still do so, and plenty of individuals who don’t work for military and military adjacent companies to contribute.
Acting like removing people who work at companies that contribute to wars will mean no one can contribute is obviously a grossly exaggerated misinterpretation.
That’s not completely unreasonable tbh, but I still think the current sanctions are fair if not perfect.
I didn’t purposely misread, this part was just a bit unclear:
Looking at what you quoted, that’s fair and can see how you misread it as such. I am sorry I said that it was purposeful.
But the US is never going to sanction itself.
Google or Microsoft employees wouldn’t be able to contribute, even if they’re not working with any weapons manufacturer during their entire career there.
The idea is great in theory but isn’t in feasible in rl.
Funnily enough, the steam deck has been used during the conflict to control remote weapons. So they could be implicated in this if you go far enough
You could use a knife to kill someone as well… hell, an umbrella as well.
This is the real world and you can think it ducks and it does but when your the 20000 pound gorilla in the room and there is nobody anywhere near your size you can do whatever the he’ll you want. And the US is that Gorilla. The whole world uses their tech in someway and their economy is by far the largest in the world. US is even looking at TSMC and selling chips to China cause the equipment TSMC uses to make chips is made by American companies.
There are no sanctions against these individuals. More importantly who gives a shit about what the US is whining about today or tomorrow, foss software is more important than whatever petty dispute the US egged on this time.
Russia invaded a sovereign nation…but that’s a petty dispute…are you sure you’re on the right instance? Sounds like you need to recreate your account here on ml…
Yes, it’s a petty dispute. The US has done the same every 3-6 years for the last 200. It’s a common occurrence for empires to do whatever they want. It has nothing to do with random citizens contributing to volunteer projects based in entirely disconnected countries.
The USA isn’t in this discussion right now. Russia invaded Ukraine and is trying to kill Ukrainians to take over their country. Iraq and Afghanistan wasn’t a petty dispute either. You tankies are shitty people.
I don’t give a shit about the Russian state. I’m not a tankie, I don’t care about random petty disputes between empires and whoever pissed them off. Let the unrelated people collaborate on the things that represent the end of such empires in peace.
A full scale war on a sovereign nation is not a random petty dispute…the fuck is wrong with you?
It is quite a beefy and roided dispute, imo.
My issue with the dispute is that it has jack shit to do with Linux, Foss or the open source community and the consequences felt aren’t against the people persecuting.
It’s a missed shot. The Russian fuckarchy doesn’t care if they get to contribute to Linux, or if they ever get to again, if they even know or care to notice in the first place.
The entire Linux community in Russia gets to suffer so a disapproving man in the Netherlands can wave his finger disapprovingly.
Is it worth it? Worth what? No one gets anything.
It’s a security risk is how it’s being looked at as well.
Sure go work somewhere else. Since it’s just the sanctioned companies.
Nope, it’s not.
If you want to rely in the logic that invading sovereign nations justifies this, you will have to discuss the US, the major instigator of war.
Sounds like you are just upset that your complete lack of consistency has been pointed out.
No this has nothing to do with the USA right now. It’s a strawman to whip out the “but the USA” card. Russia has sanctions, they invaded a sovereign nation, and are willfully targeting civilians. They’re fully against the west at this point, allowing them continued access to help build tools the west uses, is not only against the current sanctions, it’s also a dumb security risk as well.
Treating all members of a nation as that nation is dangerous and stupid. According to that standard you’re a racist, sexist, genocidal fascist who just kills anyone that doesn’t let you exploit them, assuming you’re American.
Native, but yeah sure, and when we invaded Iraq and Afghanistan, I agree with you, but Iraq and Afghanistan didn’t have a bunch of devs that worked on an OS that the world uses. It’s a security issue more than anything.
It’s really not, a smaller project? Maybe. A project with tens of thousands of eyes on it at all times? Not so much.
Here’s you making excuses for removing all the Russians from the contributor list: “Russia invaded a sovereign nation…but that’s a petty dispute…are you sure you’re on the right instance? Sounds like you need to recreate your account here on ml…”
Your logic, if you can call it that, is that if the country you’re from invades a sovereign nation, it makes sense to get kicked off the list. Guess which country invades sovereign nations every 3-6 years.
To make another point, of course the US is relevant, its government is the one making this exact thing happen.
No more excuses, champ. Gotta look reality straight in the face.
lol no it isn’t.
Yes we all know this.
The US has invaded at least 4 sovereign nations in the last 21 years. It has bombed far more in that time, including couping Libya, turning it from the highest HDI country into a failed state with open air slave markets.
The RF has been comparatively less harsh on civilians. Look at what the US, NATO, and Israel do to civilians. They bomb residential buildings, pharmaceutical factories, hospitals, schools, buses, civilian infrastructure. Millions died in Iraq, about half children, in the 90s due to the US systematically destroying civilian infrastructure and then coordinsting tight sanctions.
And do you know what preceded the RF invasion? Ukraine ramping up its civilian shelling campaign in Donbas.
Given what the West does with its power that is a smart position to take.
Yes and? You’re just admitting that this is a chauvinist political move headed by the United States.
It’s not a security risk at all, the Linux team has tight review procedures and all of these people have been making contributions as maintainers. There were zero concerns raised about their code.
PS the US is not entitled to the world and every international project.
Where is that a excuse? I was pointing out that it’s not a petty dispute, russia is trying to wipe out Ukraine…the fuck.
Ooo oo, I know this one…is it…whataboutism again for $400 alex?
Yea…no it’s not, russia is doing that on their own.
Ok. Reality, russia is a fucked up authoritarian state that willfully sends it’s people to rape, murder and commit war crimes, like it got its war plans from the viking era. How’s that for some reality. Champ.
Yea…yea it is.
Sweet…are we getting somewhere…
Ahhh nope apparently not…still humping about the USA.
Hahahhaha holy fuck…o wait you’re a tankie…
And a russian apologist…man this is just hilarious…you really are following the .ml tankie guidelines.
Lol for all the west’s faults, we’re still not even half as murderous as the authoritarian dictatorships you love.
Yea no…
Because it’s easier to just use sanctions as the reason. The idea that a authoritarian state wouldn’t force their devs to create backdoors for their state is hilariously naive, but you won’t see it that way because you’re a brainwashed tankie.
Yea no shit? Who said they are?
You just repeated the excuse. Right there, lol. And Russia has caused far less damage to Ukraine and its people than the US has to its targets. You are simply inconsistent and don’t believe your own logic. Your true motivations are elsewhere.
Oh, am I not allowed to point out your inconsistency because you have a term for doing that?
This post is about a thread where the people who removed Russians from the list did so under pressure by the US federal government are: their sanctions policies. It is literally exactly what I said and not at all what you said.
Please do your best to speak the truth.
It’s you distracting yourself through repetition because you cannot honestly respond to my points. So it is the opposite of facing reality, it is evasiveness.
Nope
No it is just trivially the case.
Because they did the thing that you agree deserves kicking out their citizens from the maintainer list. And they did it more.
Are you laughing at the mass civilian bombings or the starvation of children?
It seems you are afraid of basic facts that contradict your beliefs.
The West’s civilian death count is orders of magnitude higher than the RF invading UA.
You did, accidentally.
Ah yes, the thing you just made up that hasn’t happened and calls every developer in the country “their devs” is surely more correct than decades of code review practices and individual track records.
Re: brainwashing, you will notice that I am not the one running away from inconvenient facts at every turn. I am not afraid of such things, but they are clearly a threat to your way of thinking.
I quoted what I was responding to and that sentiment permeates it.
Most FOSS contributions are probably done by American companies. I don’t think people realize how many kernel developers are paid by someone to go it.
Nope, a decent amount are Chinese. Or European. American companies of course do fund foss so they don’t have to develop much themselves, but it’s certainly not most.
Again they have forgotten to remember the existence of people living outside the western bloc
You’re saying it like they have a choice.
Besides, stuff like this should not be constrained by the boundaries of nationalities.
.
It’s ridiculous how some see nothing wrong with delisting maintainers and are genuinely happy about such discrimination.
I would say sad… especially seen from other devs.
Not ridiculous. Majority of U.S propaganda is based on dehumanising people.
Also I read somewhere that this ban only applies to folk that work in companies that are sanctioned. So might not be straight up racism.
But I do agree with you. Who tf is U.S to sanction others while it’s formed on a genocide and still committing another one.
.
Fuck off with that shit. You are only contributing to the xenophobia and racism that allowed this shit to be accepted in the first place. Russiagate bullshit is qanon for liberals and you people disgust me.
Honestly must be incredibly stressful managing a project like the Linux kernel. Governments constantly wanting changes made for their own purposes, companies leeching off the work of volunteers, neck beards losing their minds over some change they don’t like.
I don’t envy them at all. This sort of change was inevitability going to piss people off - it could have been handled better but I think it was going to be lose/lose no matter which way it was done.
I personally think this is a cop out. Obviously people would have been outraged either way, but personally my only issue is about how it was done. The whole point of the FOSS community is openness and transparency. The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.
Basically, my stand on this.
And that it was dismissed like it was “no big deal” by Linus and some of the other senior maintainers.
But seriously, Linus’s comment regarding this was… just… I have no words… he basically put every Russian in the same basket, called them trolls and added a racist comment on top of that, I mean… yeah, I lost all respect for him. At least his previous fits were about code and only if someone fucked up something, this is completely different.
Exactly, that’s also my view. In Serge’s thread somebody else said Linus used to be his role model but now he is questioning his own beliefs. Sums up my feelings perfectly.
It sucks so bad, Linus really screwed up big time, and GKH dropped the ball as well. What kind of a hellish timeline is this?
Mine as well.
Not that invested that much, but I seriously, I thought Linus was better than this… I wouldn’t expect this even from Stalman to be honest, this is new level of low if you ask me.
I have no idea… if everything is dictated by corps and governments (at least ones that we can’t trust with simple things, such as healthcare), I really have really lost all faith in humanity as a whole… not because they’re not human, but because no one sees anything wrong with this, in general…
There are a huge number of online Russian trolls. That part of his response was not hyperbolic. They do have troll factories there to influence public opinion.
The problem is this still leads to questions about transparency about the project in general and how this decision was made and whether it was made by those involved in the project or was an order from the US government.
In the Linux kernel? No. Definitely not. Maybe you’d like to see what happened after they got removed from the maintainers list, it was spam and trolling, and that is not OK in any scenario.
My personal belief is that it was an advice by the lawyers and they went with it balls in because who would care about a few Russian maintainers, right 😒. Linus probably probably put GHK to it, as to not be him that does the PR, split the heat that may come their way, which it did.
I coldheartedly believe that Linus meant what he said since there was no apology afterwards. Russians are bad in general and they all think the same, they support Puttin.
I agree, it could have been done better.
My main concern with this happening is how much secret control the US government has over top Linux maintainers. Many commenters say that Linus couldn’t refuse the request from the government because he lives in the US and Linux Foundation is in the US. So what other requests from the government known to put backdoors into software they couldn’t refuse in the past or won’t be able to refuse in the future?
Yes, this is exactly my same thoughts.
This is terrifying.
I don’t like what the Russian government is doing and Putin is cruel and evil, albeit intelligent (which makes him even more terrible).
That being said, in the US, government agencies can order a company to do certain things, put in certain code, or whatever and then issue a gag order as part of that preventing disclosure. And although there’s a limit to how much that can screw over open-source software users, we do not know what exploits nation-states have, we don’t know what backdoors are in different chipsets or closed-source firmware.
If a developer writing open source code can be blacklisted so easily without transparency into the process, it suggests the company is being ordered to do certain things and not disclose them by the US government, which is a government that still engages in torture.
Notice how they are not coming out and saying “We were not ordered to do this by any government agency.”
Could the foundation be forced to elevate a developer with government ties who then is able to “accidentally” put in an extremely hard to detect exploit into linux that won’t be detected at first and only patched later?
I really wish companies associated with linux were not in a country that lacked transparency with government regulations and in which gag orders were not possible.
I, too, do not want to be deleted out of existence by the US government/military and so i, too, comply with sanctions.
We have reason to believe Linus and the kernel team are not filling the kernel with government back doors (for the thing, there’s a high chance someone notices and makes it public that such code was put into the kernel by one of them). Linus has talked about refusing to do this in the past. However, it’s no surprise they’re not willing to risk the whole project for a handful of people working for Russian weapons manufacturers.
So you realize they have no choice and couldn’t have done any differently but you’re still irrationally upset about it so you decided to become the tone police?
I don’t think it’s irrational to have wanted them to be transparent about it, but you do you I guess.
I think it’s extremely clear what’s happening and why and tone policing them about it is not helpful.
How am I tone policing?
It’s pretty hard to be open and transparent when 2 men with guns and black suits are sitting at your kitchen table.
We don’t know if that happened, but given the speed this happened and the us being the us…
If it breaks that they had a long runway of knowing this had to happen, then sure bring out the pitchforks, but imo we should default to this happening under heavy pressure to act immediately.
Ughhh, it was so infuriating hearing that guy rant about how Rust was bad and was trying to take over at that conference. I felt so bad for the speaker.
Wait linux community is removing maintainters because of their nationality???!!
Not nationality but alleged involvement with sanctioned organizations. There are plenty of Russian names on maintainers list remaining.
I still don’t think something so important should be beholden to the whims of one company (Linux Foundation) or their country’s laws (USA).
I would strongly prefer to use an operating system that didn’t have this problem. Do any even exist?
Exactly my thoughts.
I was contemplating using FreeBSD, but then I found about the kernel switch to forbid Russian or Chinese usernames and… well, that’s not an option as well IMO.
Don’t know the decades of peace we have had is going to end sooner rather then latter. All the big countries are distancing themselves which is not good. When they where codependent on each other, times where stable. Now who knows it’s not going to be what we where used to though.
Sorry, but the US is almost certainly the main culprit here. They’re loosing power in every aspect and they want to reinstate that power in every way possible. As any human being, letting go of a position of power is hard. They just can’t accept the fact that someone could be better than them in capitalism then them, which the Chinese proved they can.
It served them well when they were 1st, but it’s no good when someone else does it.
It’s a good thing that no one is beholden to anyone then. Which is the entire point of free software.
I was more referring to mainline specifically, otherwise your chances of having many people actually benefit from your changes without a lot of effort is small IMO.
Not just the USA. Certainly at least the EU as well. I belong to neither.
Not sure what better world you want where we are not “beholden” to laws though.
The GPL is certainly “beholden” to laws as well, including a total lack of developer freedom which I personally disagree with.
For precisely when we disagree, there have to be laws.
By “lack of developer freedom”, do you mean “lack of ability to take the freedom you got with the code away from the next person?”
Because that’s the primary restriction with the GPL.
A lack of freedom from being screwed over by companies stealing your code.
freedom TO vs freedom FROM
That’s the beauty about open source: it isn’t beholden to the whims of anyone. If disagree with the Linux Foundation, you’re free to make your own independent fork. Others that agree with you can then start contributing to the fork. And this isn’t a purely theoretical scenario as it has happend with other open source projects before.
Indeed we already see stuff like OpenHarmony which was originally a fork of Android by Huawei due to US sanctions on them. I expect we’re going to be headed into a world of bifurcated technology between G7 and BRICS. As western countries continue to act in a petulant fashion, developers in the rest of the world will have no choice but to go their own way.
Hey dipshit that is even worse. It’s just racism/xenophobia/CIA meddling (probably).
Let’s just say this properly ok so that 70 percent of the commenters here might better understand.
Association with some of the people previously on the kernel maintainers list was putting the Linux kernel at risk. The risk was that European, American, and other users may be prohibited from using it. The risk was that entities such as the Linux Foundation could be held in contempt of sanctions and sanctioned themselves. That could mean financial damage or even a full stop to operations.
If the kernel were sanctioned, every entity, individual or company, could be put at risk.
Association with sanctioned individuals put every other maintainer at risk. Being listed together in the maintainers file put many innocent people in extreme jeopardy.
So, let’s say this properly ok…
Some of the maintainers were removed to defend the Linux kernel and the many, many entities ( individual and corporate ) that use it. They were removed to protect the other maintainers and the people and companies that they associate with.
The Linux Foundation, being American, may have been particularly at risk. But “moving” the kernel does nothing. The contributors and maintainers are still wherever they are. Linux users are equally economically dependent on the US and Europe regardless. The issue are the international sanctions. My country has issued them too ( neither American or European ). And blaming the counties that issued the sanctions, instead of blaming Russia, is a very interesting morale position to take ( not getting into that here ).
My first reaction was to have a problem with how this was done. However, once you acknowledge the association, any interaction, collaboration, or communication becomes even more problematic as you KNOW that you are working with sanctioned individuals. So, doing it simply and succinctly was probably best.
It’s not about nationality. Here are the facts:
Therefore to not remove Serge from the maintainers would open LF to legal repercussions.
You might not agree with what was done, I certainly don’t, but I understand it.
How things is done 30 years ago en.m.wikipedia.org/wiki/Pretty_Good_Privacy#Crimi…
And this by Ken Thompson 40 years ago en.m.wikipedia.org/wiki/Backdoor_(computing)#Comp…
And your point is?
Just feel things are very different now. Much harder to fight/work around with govt. And this leads to my 2nd link that, kinds of conspiracy, that we maybe already have backdoor in open source projects because they are hard to detect as long as there are pre-build tools.
Anyway, lots of feelings after reading this post…
I hope that this will cause Russia and aligned countries to switch and invest into one of BSD variants. Probably won’t happen, but there is hope.
2024 is the year of Red Star Linux on the desktop
o7
👏