Linus Torvalds just gave his statements on grsecurity

And it's bad.
spinics.net/lists/kernel/msg2540934.html

Other urls found in this thread:

seclists.org/oss-sec/2017/q2/596
gnu.org/software/hurd/faq/still_useful.html
gnu.org/software/hurd/hurd-paper.html
en.wikipedia.org/wiki/L4_microkernel_family
twitter.com/SFWRedditImages

Now, systemd.

Linux jump the shark a long time ago.

Please, it's not about an ideology it's about design.

i love his attitude towards things,
if you can`t make it work properly you failed,
reasonable argument

Truth.

And Linus' design approach has always been: "I don't care if it's secure as long as it werks"

He already has.

Uh huh. huhuh. I seem to have found the problem, sir.

The things that work and you use are less secure than the things that don't work and you don't use. :)

No, it's common fucking sense. This is what anyone without severe mental illness has known for a long time, it's not some fucking revelation.

The comprimice between security and usability should be clarified better and left up to the user for him to decide. This is not a desicion that Linus "I know best what you need" Torvalds should make on behalf of every users.

kek, linus bitching about people modifying his one size fits all kernel, he doesn't even care about sec.
Don't whine about what patches people choose to compile, how about what this means for GPL?

Fuck this, I'm only going to use templeos

Fuck: *compromise* *decision*


Exactly. Linus decides what level of security everyone should have, and if your attack model is different from normalfags you're a "masturbating monkey". He does good work, but he should also understand he hasn't made Linux as flexible as it could/should be.

He isn't. Linus is only saying some patches are shit.
Nothing. People are free to do whatever they want with Linux. Yes, even if Linus thinks they're retards. It's called freedom, you wouldn't understand so don't bother.

What if they are extra secure even if they break shit?

I'm not saying Linus is wrong in this case, he's probably right, but it would be interesting as a research project where changing the usability/security ratio with great precision was dirt simple, and you didn't need a deep understanding of the kernel to do it.

What the specific grsecurity case means for the GPL is a dfferent issue.


A computer turned off is the second most secure computer, the unplugged computer is the most secure computer, so grsecurity does a pretty good job if they break shit. ;-p

WEW

If Torvalds wouldn't have bended over every industrial shill we wouldn't have mandatory binary blobs everywhere.
Sure "Linux" would be a bit less used but people wouldn't be fucked (or less) by the software that was meant to be in their control.
People consider that android is a great Linux success but holy shit it's the greatest failure of them all.
-Purge of GPLv3 software.
-Can't work without google botnet
-Can't work with blobs
-DRM hardware
-Dataminig everywhere
-Horrible design
-Can't upgrade easily
-Complete security failure
-Constant spying
-Constant advertising
-Have to buy a new phone
Android is literally on the same level of windows 10 at the difference that some very few users will be able to use cyanogenmod and make custom poozed roms.
And even less will use replicant.

...

Try LineageOS.

seclists.org/oss-sec/2017/q2/596

Brad Spengler and Torvalds are both annoying as fuck.

Take the poo to the loo.

Literally what?

...

this has nothing to do with Linux' security holes and grsec's fixes for those but is just a clash of autistic titans over how the colored, geometrically shaped wood blocks get sorted

Linus has said over and over again that grsec's methods have no chance being upstreamed being dropped as one single patch modifying a ton of different sub systems and spender has been rambling how terrible Linux is for more than a decade but still kept developing code for it

No shit you have to break userland to get better security, you think all the toolchain hardening didn't break packages at first?
Hardened Gentoo team has put in lots of work to make PaX work with userland and also put in effort to toolchain hardening, yes things broke down but now we can enjoy hardened toolchain & PaX on desktops without having to do anything.

This doesn't change the fact that these are here by default, but here's some ways to mitigate these problems.
Termux
Lineage/Cyanogen/Resurrection Remix
F-Droid
Yalp Store if you need to download/update botnet
Replicant, but >no wifi
Use older phones. Samshit Galaxy SIII (GT-I9300) is pretty good imo, the performance is meh and can run most of the things that I throw at it (that are not modern garbage apps/games)
You can't really fix this. I agree that forking the entire android tree just to port it to a device is just ridiculous.
Using Resurrection Remix, upgrading doesn't need a wipe IIRC. Just flash the latest zip.
Can't really mitigate without common sense and Jewgle's security patches (obtain by using new builds of custom ROMs)
Can't really mitigate
Install AdAway from F-Droid (requires root)
I'm pretty content with my GT-I9300 (from 2011).

No more, grsecurity took down the public testing patches and it takes tremendous efforts to port the patches across versions.

There still is an unofficial port for 4.9 LTS

and hardened toolchain is still there

I know, I use gentoo with hardened profile and hardened-sources 4.9 myself, but I'm thinking of switching back to gentoo-sources for dat 4.11 kernel.

spengler needs to realize that this is linus' way of giving grsecurity a second chance, explaining what needs to be done fo rit to be merged, and secondly that if he doesn't do it grsecurity is not going to survive on its own.

Where's your software project with more than 1 user? Fucking halfchan summer immigrants

That's only reasonable. Chaos does not beget security.

Nice exaggerated strawman
If some shit is broken but most shit still works then it's valuable

I'm already aware of all this m8.
I'm actually using replicant.
note: it's not only the wifi that isn't usable it's:
-Wifi.
-Bluetooth.
-GPS.
-3D acceleration.
-and lot of sensors.

My point about the purge of the GPLv3 is because if google didn't removed them they would be obliged to let users do what they want with certain part of the system.
Which ultimately would be a lot easier to hack into it.


correction microkernel
Read you dumb nigger:
gnu.org/software/hurd/faq/still_useful.html
gnu.org/software/hurd/hurd-paper.html


Says the immigrant

This doesn't seem so bad. He's just making a point here.

You just fucked this up.


Currently grsec is still a shitty linux patch and being "flexible" isn't a kernel problem so... Oh yeah, OpenBSD, but their users also hackers, so it doesn't matter if the userspace screwed up yearly twice.

en.wikipedia.org/wiki/L4_microkernel_family

link to specific commit or gtfo

It would also be easier to remove botnet code and harden the system yourself instead of trusting google; it's a double edged sword.

Anti-spam bump 1

neck yourself

and of course the most retarded comment in thread always goes to..

What is Little My doing on >>>Holla Forums?

...

If this is an amusing quote to preface an anecdote about data loss costing a company millions of dollars, that's kind of funny.

If this is supposed to be the start of a novel, I kind of want to throw up.

That's what I meant by hacking.
I used the term hack in it's rightful term.