As a finn, I understand that there are probably legal reasons for doing this.
I just wish they would be transparent and share those reasons with us. The Linux kernel is certainly not the only free software project that is impacted, if this comes straight from EU/US sanctions. Maintainers of other projects have a lot of interest in what is happening.
Transparency is also important because if EU/US policy/sanctions are causing issues for free software projects, then that discussion needs to be public, so that there is a chance to amend the policies if necessary.
The legal reasons was because the Linux Foundation is based in the USA and the targeted devs worked for companies explicitly sanctioned by the USA. Linus said he knew and trusted the devs he was forced to delist.
The Linux Foundation needs to relocate to some stable neutral country like Switzerland.
Switzerland is controlled by the US
Suggest a country then
Politics should not be on FOSS development.
FOSS is inherently political though, but I guess you mean country vs country politics moreso than ideological politics.
The F in FOSS stands for politics
That is hardcore wishful thinking, the nature by which critical digital infrastructure is developed and maintained is of keen importance to political systems everywhere. This situation was inevitable with the ongoing escalation of war
That’s why the “should be” I guess, though that’s not to say there aren’t idiots (right in this thread too) actually shilling for this.
If current open source licenses still have flaws like this, we’re gonna need new ones.
It has to be there, because politics is connected with lawmaking, and open source software is dependent on laws.
A lot of people like to say that politics isn’t in their life or that they keep politics out of their life, but the reality is that’s just not true. The rules that govern society affect you, always, either with or without your input, either with or without your acknowledgment.
You’re probably trying to say that we should keep pointless politicking out of open source software, and I agree, but that’s going to come down to personal definitions of pointlessness.
We’re gonna start seeing large open source communities start to break into smaller ones because of sanctions from now aren’t we?
You don’t need sanctions. I’ve seen you petty fucks fork projects over a font.
They’ll fight over fonts meanwhile WordPress is on fire and where are the forks?
Or a name
BringFork out the GIMP!gimp-qt
:3
This sets such a bad precedent…
The bad precedent was starting a war
Yeah I’m sure the maintainers are in talks with Putin directly
Removed by mod
If/when the Russian government comes knocking on their door and tells them that they need to do x, y, and z with the kernel
CIA could do that too.
Ah yes. The Finnish CIA.
They have one?
Any moderator want to actually let me know why my comment was removed, or…?
Is pointing out the dangers of working in an autocratic nation against the rules?
I can see the comment dude.
Arguably, ITAR set the precedent in the 1990’s during the crypto wars. USians used to have to travel to Canada to work on cryptographic code in OpenBSD because their commits couldn’t legally be exported.
This article gives a good discussion about a potential coming East/West political split in the world of FOSS.
https://thenewstack.io/avoiding-a-geopolitical-open-source-apocalypse/
Everyone who disagrees with me is a paid russian troll of course. Nobody would oppose blacklisting people based on nothing but their nationality unless they were getting paid for it.
I guess it’s difficult to otherwise explain the position you have? It’s not like people face criminal charges in Russia just for speaking against it. It’s easy to see how the state would want to introduce backdoors to most western systems.
It’s extremely sad that a lot of good Russians get swooped in this. But even abroad their lives are in danger to fight the state.
I doubt if someone wants to introduce a backdoor, they would do that with a russian mailing address. People removed were open and transparent about their nationalities which means there is even less chance them being bad actors than some random guy pretending to be American.
Aren’t the removed commiters with direct access to the kernel? It’s not like it’s some rando that makes pull requests.
deleted by creator
I think you’re making up a world in your head. Who are these “lots” of “good” Russians who are abroad and whose lives are in realistically danger of state assassination? Not that it has never happened, but you’re blowing things out of proportion. Probably Russia does it at a scale roughly similar to the US.
I think you’re making up a world in your head.
My friend, they poisoned people in the UK with a fucking nerve agent. They are so brazen and open about people being killed for not doing that the Kremlin tells them.
They have purposely made a meme out of the “suspiciously fell from window” thing, because they want people to know exactly what happens and why.
Nerve agents compared to drone strikes look humane and civilized.
Disagree. Chemical warfare is an entirely different beast.
We’re talking about poisoning a single person not a gas cloud. Poisoning a single person vs drone striking a wedding.
they poisoned people in the UK with a fucking nerve agent.
Yes, they did. How often is that happening? Proportion.
We’re not talking about taking out former spies in foreign, sovereign nations you dolt. I used that as an example to show just how brazen and open they are about this stuff. Using such a dangerous method, on foreign soil, is basically unheard of.
If you actually want to talk about frequency, we should be looking at the defenestration cases…
This shit is happening so frequently that there are several wiki pages dedicated to listing them:
https://en.wikipedia.org/wiki/Suspicious_deaths_of_notable_Russians_in_2022
Scroll down to “see also” for a long list of related articles about the Russian government assassinating citizens and low-level bureaucrats.
Assuming you actually give a shit
EDIT: apparently Lemmy markdown doesn’t like the link. For anyone who can’t figure out why it’s not working, or for some weird reason thinks I would make up a wiki page with a title that specific:
Suspicious deaths of notable Russians in 2022–2024
And, again, after checking out the main article, take a look at the “see also” section.
Wikipedia does not have an article with this exact name.
In any case, the defenestrations I’ve heard of have been within Russia, not outside it.
Using such a dangerous method, on foreign soil, is basically unheard of.
Not unheard of. US drone strikes on US citizens is a no-less dangerous a method.
It’s almost as if the markdown on Lemmy changed the text of the link so it’s not valid.
And you couldn’t take the 3 second to fix it, and then actually learn something.
Well done.
You also seem confused about what we are even talking about. We are referring to software developers WITHIN RUSSIA. So the risk of defenestration is very real. Again, to repeat myself, I only brought up Russia using chemical warfare on foreign soil as an example to show how open and brazen they are.
I edited the original comment with a fixed link if you actually care
Very nice link that not only does not have a list of names but also fairly explicitly explains that it is not talking about Americans killing Americans.
I am not going to spend more than 30 seconds on it but here is the first list of “lots” of Russians that are believed to have been assassinated by their own government.
https://en.m.wikipedia.org/wiki/Suspicious_deaths_of_notable_Russians_in_2022–2024
Despite your personal attacks, the trivially discoverable facts are not on your side.
I used Wikipedia since you apparently find it credible.
My favourite “suicide” of a notable Russian in the last couple of years was the one that had a suicide note signed by “illegible signature” ( what it actually said ). I guess the FSB did not totally understand the instructions.
Indeed A LOT of falling out of windows. Quite a bit of poisoning as well. These are the successful ones. How about that time they poisoned the entire Ukrainian peace team including the owner of the Chelsea Football Club?
That’s true, as he said just use your brain, Russia is under sanctions he literally said that, so Russian troll is a actually very accuracy
“The imperial core is sanctioning Russia therefore you are a Russian troll.” Impeccable logic.
Shit like this is why I use the most generic yankee cowboy aliases online.
He alludes to sanctions being a factor but never clarifies on advice from his lawyers. ngl I don’t like the look of it just from a transparency perspective.
Probably because the advice in question was lengthy and technical (subtype: laws and legality), and the short form had the disclaimer "Please don’t publish the short form because it’s too much like giving legal advice.) Something similar happened back in 2012 with Project Byzantium, when we were consulting with the EFF with respect to having cryptographic libraries included in the distro.
Hey - an explanation. Who’da’thunk it?
deleted by creator
Hm i never coded a line in my life, but i always wondered so honest question to the experts here: is it realistic that someone codes security back doors so hidden in other bad or wrong documented code, that nobody recognizes it in OSS community? I mean code is getting more complicated and specialized, dont you need more and more human resources (more than one person and hopefully not all with a bad intention) to check over that code? If im correct you shouldnt let more code into your software than the community is able to check an validate several times… Doesnt mean it has to be russians that need to be excluded idk
Yes, not only is it realistic, it has actually happened. It’s easier to write code than understand it. Even when reviewing code, you miss more or less obvious issues. Not to mention intentional vulnerabilities that can be sneaked in over multiple commits and time span long enough to make reviewers forget the larger context.
There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.
Interesting answers, thanks!
This might not be super useful if you don’t write code but I always found the contest submissions fun to read and try to figure out for the https://www.underhanded-c.org/ contest.
They break down and explain the runner up and finalist for each year and how the attack works. It’s usually something very subtle that most people wouldn’t catch.
There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.
fremdscham++
😬Removed by mod
are the tankies in the room with us right now
Lemmy was built by communists. you would be better served by going back to Reddit.
Removed by mod
Based Linus as always
Huh. Lot of people Russian’ to conclusions in this thread.
Sorry.
Shhh. Let Linus Finnish.
Ok, dad.
Sorry for liking it.
The comments under the article are a special kind of braindead.
Always is with Phoronix comments.
You find everything there from “Gnome is satanist” all the way up to pro-genocide crap.
I really don’t know what it is about the site that brings out the craziest souch.
The absolute disregard of having any moderation is what does that. If there was any, there wouldn’t be the cases like having someone be there by their third account, after the first two got banned.
Not to mention that controversy = angry people and trolls = more clicks = more ad revenue. I don’t think Michael wants to miss out on it.
For half a second there, I was like “yeah, so glad Lemmy is more rational than that site”.
Few comments later, folks be talking about “Ukranian Nazis”…
Wholesome banderite chungus
I would wager that every country has far-right elements, including Russia.
What Russia claims though is that the Ukrainian government is full of Nazis, which I don’t think is true.
Removed by mod
Removed by mod
are you a CIA bot or what? since when did people start ignoring facts and just repeat state department or fed propaganda? very strange.
🤣
Edgy tweens being edgy.
I just smoked weed and … smoked weed.
Removed by mod
Hoo boy, you weren’t kidding. I find it amazing how quickly this went from “the kernel team is enforcing sanctions” to an an unfriendly abstract debate about the definition of liberalism. I shouldn’t, really, but I still am.
Hahaha I saw the parent commentor of that chain notorious for getting into back and forth arguments, sometimes reasonable sometimes not, and I thought to myself, this is going to be fun. Then I recognized the username of that other .ml user as a known troll and I was like, yep now this is going to go way off the rails.
“Bcachefs sucks because I use ext4”
Yeah. Why is everyone saying this is removing their contribution credits? It’s just a list of active maintainers…
This is not an unusual comment section on Phoronix, to put it mildly.
That’s a fair point. I rarely read comments on news articles, but morbid curiosity overpowered my self-preservation instinct.
Banning Israeli contributers too?
Unironically I would support it
I would never. The idea that any person should be disbarred from contributing to FOSS due to the actions of their government, is incredibly exclusionary. Linus is acting as much like a toddler as daddy USA is.
The west is sanctioning Russia because their daddy US tells them to. Similarly they don’t sanction Israel because of daddy.
No, it’s not like Israel is attacking its neighbors. It doesn’t, does it?
It’s not about punishing Russia, is admit preventing vulnerability to a country that has an ongoing effort to compromise infosec.
Not at all saying Israel doesn’t suck balls right now.
a country that has an ongoing effort to compromise infosec.
Any confirmation, that these specific maintainers were compromising something?
They would never!
ALL of them? Not at once. Usually.