I've just seen this article from the +Washington Post circulating, and it is worth questioning the real motivations behind it.
Lets start with the author: writes an article attacking +Linus Torvalds as a person and using fear regarding Linux security as a method to gain legitimacy.
But doesn't understand the difference between an OS and a Kernel, or at least has no issue confusing readers.
"Yet even among Linux’s many fans there is growing unease about vulnerabilities in the operating system’s most basic, foundational elements — housed in something called “the kernel"
And here's the type of stuff the security experts say:
"If you don’t treat security like a religious fanatic, you are going to be hurt like you can’t imagine."
Because we all known dogma and fanatism are the best answers – to any problems.. right?
Best of all, this is from a security expert associated to the NSA.
No wonder why Linus ends up saying fuck to this kind of crap.
Also, maybe he's not as vulnerable as some would like to initiatives to take control of the Linux project for the wrong reasons, using fear as justification.
I'm no conspiracy theorist, but curious elements are right here in the article already.
#supercurioBlog #security #critic
Meet the man who holds the future of the Internet in his hands — and thinks most security experts are “completely crazy”
Linus Torvalds created Linux, the operating system that dominates the online world. But a rift exists between Torvalds and security experts.
10 thoughts on “Misguided attacks against the Linux leader”
There's more context to it, see my links:
It's actually a fairly well written article apart from a few "shortcuts" that were taken.
+Anisse A. The underlying issue is indeed very interesting.
However this article is all over the place, giving a voice to people who make sense as well as others who are just insane. Again, once all that mixed with personal attacks against Linus person, the purpose is quite intriguing.
To me, it appears Linus assessments are rather pragmatic and accurate. Just like with GNU before, he's probably right keeping his project safe from excessive philosophical/dogmatic/governmental influences.
"… “If you don’t treat security like a religious fanatic, you are going to be hurt like you can’t imagine. And Linus never took seriously the religious fanaticism around security,” said Dave Aitel, a former National Security Agency research scientist and founder of Immunity, a Florida-based security company…." We have the ATEIST Tovalds and the RELIGIOUS Richard Stallman. Each on the same face of the same coin.. Each one doing their needed work…. Tovalds act like a pure engineer ..
This hurts to read…
Seems well directed and payd news. A SECURE EXPERT CLAIM THIS?
“While I don’t think that the Linux kernel has a terrible track record, it’s certainly much worse than a lot of people would like it to be,” said Matthew Garrett, principal security engineer for CoreOS, a San Francisco company that produces an operating system based on Linux. At a time when research into protecting software has grown increasingly sophisticated, Garrett said, “very little of that research has been incorporated into Linux.”
Versions of Linux have proved vulnerable to serious bugs in recent years. AshleyMadison.com, the Web site that facilitates extramarital affairs and suffered an embarrassing data breach in July, was reportedly running Linux on its servers, as do many companies.
Those problems did not involve the kernel itself, but experts say the kernel has become a popular target for hackers building “botnets,” giant networks of computers that can be organized to initiate cyberattacks. Experts also say that government spies — and the companies that sell them surveillance tools — have turned their attention to the kernel as Linux has spread.
The Security Intelligence Response Team for Akamai, a leading Internet content delivery company, spoke bluntly on the rising vulnerability of Linux in September when it announced the discovery of a massive botnet that attacked up to 20 targets worldwide each day.
+Friedrich Sinofzik I found interesting the parallel as well.
People with "beliefs" on how to "save people" wanting to take control for the greater good; glad +Linus Torvalds is mostly immune to that.
+Friedrich Sinofzik shoot, I have to admit I stopped reading once reaching an error/inaccuracy threshold, disqualifying it as serious document.
So it doesn't get much better.
It's a lack of understand what and how engineering works.
They lack by 100% how the structure from the linux kernel using the open source works.
It's not LINUS that need to maintain the security , but who maintain the specific portion from the code. He need to maintain the structure to be easy to merge, audits and maintain the "philosophy" around their "belief"in what is the kernel and what he allow or not to be merged ( the codes).
The kernel structure is open for everyone to audit the code. If you find a bug or some sort of security flaw" is discovered, push the correction and if your correction works, will be merged.
the news is completely insane.
This news, the feminist case and others news are poping up around there show the linux started to upset a lot of peoples.
It's almost like accuse the github because they are failing to maintain the code they host free of security flaws…
Hoooly crap.. Why would you bring up AshleyMadison if it isn't even relevant!?
I'm not reading another word of that crap.
+Karl Ramstedt people know about that one, it's a good opportunity to somehow blame +Linus Torvalds for it…