• ouch@lemmy.world
    link
    fedilink
    arrow-up
    71
    arrow-down
    3
    ·
    7 days ago

    As a finn, I understand that there are probably legal reasons for doing this.

    I just wish they would be transparent and share those reasons with us. The Linux kernel is certainly not the only free software project that is impacted, if this comes straight from EU/US sanctions. Maintainers of other projects have a lot of interest in what is happening.

    Transparency is also important because if EU/US policy/sanctions are causing issues for free software projects, then that discussion needs to be public, so that there is a chance to amend the policies if necessary.

    • sudo@programming.dev
      link
      fedilink
      arrow-up
      10
      arrow-down
      2
      ·
      6 days ago

      The legal reasons was because the Linux Foundation is based in the USA and the targeted devs worked for companies explicitly sanctioned by the USA. Linus said he knew and trusted the devs he was forced to delist.

      The Linux Foundation needs to relocate to some stable neutral country like Switzerland.

      • JackbyDev@programming.dev
        link
        fedilink
        English
        arrow-up
        12
        ·
        7 days ago

        FOSS is inherently political though, but I guess you mean country vs country politics moreso than ideological politics.

      • kmaismith@lemm.ee
        link
        fedilink
        arrow-up
        7
        ·
        7 days ago

        That is hardcore wishful thinking, the nature by which critical digital infrastructure is developed and maintained is of keen importance to political systems everywhere. This situation was inevitable with the ongoing escalation of war

        • Alsephina@lemmy.ml
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          7 days ago

          That’s why the “should be” I guess, though that’s not to say there aren’t idiots (right in this thread too) actually shilling for this.

          If current open source licenses still have flaws like this, we’re gonna need new ones.

      • orcrist@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        6 days ago

        It has to be there, because politics is connected with lawmaking, and open source software is dependent on laws.

        A lot of people like to say that politics isn’t in their life or that they keep politics out of their life, but the reality is that’s just not true. The rules that govern society affect you, always, either with or without your input, either with or without your acknowledgment.

        You’re probably trying to say that we should keep pointless politicking out of open source software, and I agree, but that’s going to come down to personal definitions of pointlessness.

  • Arcturus@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    63
    arrow-down
    10
    ·
    7 days ago

    We’re gonna start seeing large open source communities start to break into smaller ones because of sanctions from now aren’t we?

  • communism@lemmy.ml
    link
    fedilink
    arrow-up
    80
    arrow-down
    25
    ·
    7 days ago

    Everyone who disagrees with me is a paid russian troll of course. Nobody would oppose blacklisting people based on nothing but their nationality unless they were getting paid for it.

    • hitwright@lemmy.world
      link
      fedilink
      arrow-up
      22
      arrow-down
      18
      ·
      7 days ago

      I guess it’s difficult to otherwise explain the position you have? It’s not like people face criminal charges in Russia just for speaking against it. It’s easy to see how the state would want to introduce backdoors to most western systems.

      It’s extremely sad that a lot of good Russians get swooped in this. But even abroad their lives are in danger to fight the state.

      • ghu@lemmy.ml
        link
        fedilink
        arrow-up
        25
        arrow-down
        2
        ·
        7 days ago

        I doubt if someone wants to introduce a backdoor, they would do that with a russian mailing address. People removed were open and transparent about their nationalities which means there is even less chance them being bad actors than some random guy pretending to be American.

        • hitwright@lemmy.world
          link
          fedilink
          arrow-up
          14
          ·
          7 days ago

          Aren’t the removed commiters with direct access to the kernel? It’s not like it’s some rando that makes pull requests.

      • davel [he/him]@lemmy.ml
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        11
        ·
        7 days ago

        I think you’re making up a world in your head. Who are these “lots” of “good” Russians who are abroad and whose lives are in realistically danger of state assassination? Not that it has never happened, but you’re blowing things out of proportion. Probably Russia does it at a scale roughly similar to the US.

        • prole@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          15
          arrow-down
          3
          ·
          edit-2
          7 days ago

          I think you’re making up a world in your head.

          My friend, they poisoned people in the UK with a fucking nerve agent. They are so brazen and open about people being killed for not doing that the Kremlin tells them.

          They have purposely made a meme out of the “suspiciously fell from window” thing, because they want people to know exactly what happens and why.

          • davel [he/him]@lemmy.ml
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            10
            ·
            7 days ago

            they poisoned people in the UK with a fucking nerve agent.

            Yes, they did. How often is that happening? Proportion.

            • prole@lemmy.blahaj.zone
              link
              fedilink
              arrow-up
              7
              ·
              edit-2
              6 days ago

              We’re not talking about taking out former spies in foreign, sovereign nations you dolt. I used that as an example to show just how brazen and open they are about this stuff. Using such a dangerous method, on foreign soil, is basically unheard of.

              If you actually want to talk about frequency, we should be looking at the defenestration cases…

              This shit is happening so frequently that there are several wiki pages dedicated to listing them:

              https://en.wikipedia.org/wiki/Suspicious_deaths_of_notable_Russians_in_2022

              Scroll down to “see also” for a long list of related articles about the Russian government assassinating citizens and low-level bureaucrats.

              Assuming you actually give a shit

              EDIT: apparently Lemmy markdown doesn’t like the link. For anyone who can’t figure out why it’s not working, or for some weird reason thinks I would make up a wiki page with a title that specific:

              Suspicious deaths of notable Russians in 2022–2024

              And, again, after checking out the main article, take a look at the “see also” section.

              • davel [he/him]@lemmy.ml
                link
                fedilink
                English
                arrow-up
                3
                arrow-down
                7
                ·
                7 days ago

                Wikipedia does not have an article with this exact name.

                In any case, the defenestrations I’ve heard of have been within Russia, not outside it.

                Using such a dangerous method, on foreign soil, is basically unheard of.

                Not unheard of. US drone strikes on US citizens is a no-less dangerous a method.

                • prole@lemmy.blahaj.zone
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  edit-2
                  6 days ago

                  It’s almost as if the markdown on Lemmy changed the text of the link so it’s not valid.

                  And you couldn’t take the 3 second to fix it, and then actually learn something.

                  Well done.

                  You also seem confused about what we are even talking about. We are referring to software developers WITHIN RUSSIA. So the risk of defenestration is very real. Again, to repeat myself, I only brought up Russia using chemical warfare on foreign soil as an example to show how open and brazen they are.

                  I edited the original comment with a fixed link if you actually care

        • LeFantome@programming.dev
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          7 days ago

          Very nice link that not only does not have a list of names but also fairly explicitly explains that it is not talking about Americans killing Americans.

          I am not going to spend more than 30 seconds on it but here is the first list of “lots” of Russians that are believed to have been assassinated by their own government.

          https://en.m.wikipedia.org/wiki/Suspicious_deaths_of_notable_Russians_in_2022–2024

          Despite your personal attacks, the trivially discoverable facts are not on your side.

          I used Wikipedia since you apparently find it credible.

          My favourite “suicide” of a notable Russian in the last couple of years was the one that had a suicide note signed by “illegible signature” ( what it actually said ). I guess the FSB did not totally understand the instructions.

          Indeed A LOT of falling out of windows. Quite a bit of poisoning as well. These are the successful ones. How about that time they poisoned the entire Ukrainian peace team including the owner of the Chelsea Football Club?

    • Vilian@lemmy.ca
      link
      fedilink
      arrow-up
      10
      arrow-down
      28
      ·
      7 days ago

      That’s true, as he said just use your brain, Russia is under sanctions he literally said that, so Russian troll is a actually very accuracy

  • NauticalNoodle@lemmy.ml
    link
    fedilink
    arrow-up
    30
    arrow-down
    7
    ·
    7 days ago

    He alludes to sanctions being a factor but never clarifies on advice from his lawyers. ngl I don’t like the look of it just from a transparency perspective.

    • The Doctor@beehaw.org
      link
      fedilink
      English
      arrow-up
      8
      ·
      7 days ago

      Probably because the advice in question was lengthy and technical (subtype: laws and legality), and the short form had the disclaimer "Please don’t publish the short form because it’s too much like giving legal advice.) Something similar happened back in 2012 with Project Byzantium, when we were consulting with the EFF with respect to having cryptographic libraries included in the distro.

  • boincboy3000@feddit.org
    link
    fedilink
    Deutsch
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    7 days ago

    Hm i never coded a line in my life, but i always wondered so honest question to the experts here: is it realistic that someone codes security back doors so hidden in other bad or wrong documented code, that nobody recognizes it in OSS community? I mean code is getting more complicated and specialized, dont you need more and more human resources (more than one person and hopefully not all with a bad intention) to check over that code? If im correct you shouldnt let more code into your software than the community is able to check an validate several times… Doesnt mean it has to be russians that need to be excluded idk

    • ouch@lemmy.world
      link
      fedilink
      arrow-up
      20
      ·
      7 days ago

      Yes, not only is it realistic, it has actually happened. It’s easier to write code than understand it. Even when reviewing code, you miss more or less obvious issues. Not to mention intentional vulnerabilities that can be sneaked in over multiple commits and time span long enough to make reviewers forget the larger context.

    • sunbeam60@lemmy.one
      link
      fedilink
      arrow-up
      5
      ·
      7 days ago

      There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.

      • BlackAura@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        7 days ago

        This might not be super useful if you don’t write code but I always found the contest submissions fun to read and try to figure out for the https://www.underhanded-c.org/ contest.

        They break down and explain the runner up and finalist for each year and how the attack works. It’s usually something very subtle that most people wouldn’t catch.

    • sunbeam60@lemmy.one
      link
      fedilink
      arrow-up
      1
      ·
      7 days ago

      There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.

  • rtxn@lemmy.world
    link
    fedilink
    English
    arrow-up
    95
    arrow-down
    3
    ·
    7 days ago

    The comments under the article are a special kind of braindead.

    • TheGrandNagus@lemmy.world
      link
      fedilink
      English
      arrow-up
      72
      arrow-down
      1
      ·
      7 days ago

      Always is with Phoronix comments.

      You find everything there from “Gnome is satanist” all the way up to pro-genocide crap.

      I really don’t know what it is about the site that brings out the craziest souch.

      • LupertEverett@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        7 days ago

        The absolute disregard of having any moderation is what does that. If there was any, there wouldn’t be the cases like having someone be there by their third account, after the first two got banned.

        Not to mention that controversy = angry people and trolls = more clicks = more ad revenue. I don’t think Michael wants to miss out on it.

      • SquirtleHermit@lemmy.world
        link
        fedilink
        arrow-up
        56
        arrow-down
        24
        ·
        7 days ago

        For half a second there, I was like “yeah, so glad Lemmy is more rational than that site”.

        Few comments later, folks be talking about “Ukranian Nazis”…

          • GeneralInterest@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            1
            ·
            6 days ago

            I would wager that every country has far-right elements, including Russia.

            What Russia claims though is that the Ukrainian government is full of Nazis, which I don’t think is true.

        • Jesus_666@lemmy.world
          link
          fedilink
          arrow-up
          21
          arrow-down
          8
          ·
          7 days ago

          Hoo boy, you weren’t kidding. I find it amazing how quickly this went from “the kernel team is enforcing sanctions” to an an unfriendly abstract debate about the definition of liberalism. I shouldn’t, really, but I still am.

        • Rentlar@lemmy.ca
          link
          fedilink
          arrow-up
          12
          arrow-down
          5
          ·
          edit-2
          7 days ago

          Hahaha I saw the parent commentor of that chain notorious for getting into back and forth arguments, sometimes reasonable sometimes not, and I thought to myself, this is going to be fun. Then I recognized the username of that other .ml user as a known troll and I was like, yep now this is going to go way off the rails.

    • Aatube@kbin.melroy.org
      link
      fedilink
      arrow-up
      47
      arrow-down
      3
      ·
      7 days ago

      Yeah. Why is everyone saying this is removing their contribution credits? It’s just a list of active maintainers…

      • rtxn@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        7 days ago

        That’s a fair point. I rarely read comments on news articles, but morbid curiosity overpowered my self-preservation instinct.

      • Dessalines@lemmy.ml
        link
        fedilink
        arrow-up
        18
        arrow-down
        1
        ·
        7 days ago

        I would never. The idea that any person should be disbarred from contributing to FOSS due to the actions of their government, is incredibly exclusionary. Linus is acting as much like a toddler as daddy USA is.

    • Quail4789@lemmy.ml
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      4
      ·
      7 days ago

      The west is sanctioning Russia because their daddy US tells them to. Similarly they don’t sanction Israel because of daddy.

    • JustMarkov@lemmy.ml
      link
      fedilink
      English
      arrow-up
      56
      arrow-down
      5
      ·
      7 days ago

      No, it’s not like Israel is attacking its neighbors. It doesn’t, does it?

      • bastion@feddit.nl
        link
        fedilink
        arrow-up
        3
        arrow-down
        3
        ·
        edit-2
        6 days ago

        It’s not about punishing Russia, is admit preventing vulnerability to a country that has an ongoing effort to compromise infosec.

        Not at all saying Israel doesn’t suck balls right now.

        • JustMarkov@lemmy.ml
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          edit-2
          6 days ago

          a country that has an ongoing effort to compromise infosec.

          Any confirmation, that these specific maintainers were compromising something?