We’re gonna start seeing large open source communities start to break into smaller ones because of sanctions from now aren’t we?
This sets such a bad precedent…
The bad precedent was starting a war
Yeah I’m sure the maintainers are in talks with Putin directly
As a finn, I understand that there are probably legal reasons for doing this.
I just wish they would be transparent and share those reasons with us. The Linux kernel is certainly not the only free software project that is impacted, if this comes straight from EU/US sanctions. Maintainers of other projects have a lot of interest in what is happening.
Transparency is also important because if EU/US policy/sanctions are causing issues for free software projects, then that discussion needs to be public, so that there is a chance to amend the policies if necessary.
Politics should not be on FOSS development.
FOSS is inherently political though, but I guess you mean country vs country politics moreso than ideological politics.
That is hardcore wishful thinking, the nature by which critical digital infrastructure is developed and maintained is of keen importance to political systems everywhere. This situation was inevitable with the ongoing escalation of war
That’s why the “should be” I guess, though that’s not to say there aren’t idiots (right in this thread too) actually shilling for this.
If current open source licenses still have flaws like this, we’re gonna need new ones.
He alludes to sanctions being a factor but never clarifies on advice from his lawyers. ngl I don’t like the look of it just from a transparency perspective.
Removed by mod
Based Linus as always
Everyone who disagrees with me is a paid russian troll of course. Nobody would oppose blacklisting people based on nothing but their nationality unless they were getting paid for it.
That’s true, as he said just use your brain, Russia is under sanctions he literally said that, so Russian troll is a actually very accuracy
“The imperial core is sanctioning Russia therefore you are a Russian troll.” Impeccable logic.
I guess it’s difficult to otherwise explain the position you have? It’s not like people face criminal charges in Russia just for speaking against it. It’s easy to see how the state would want to introduce backdoors to most western systems.
It’s extremely sad that a lot of good Russians get swooped in this. But even abroad their lives are in danger to fight the state.
I think you’re making up a world in your head. Who are these “lots” of “good” Russians who are abroad and whose lives are in realistically danger of state assassination? Not that it has never happened, but you’re blowing things out of proportion. Probably Russia does it at a scale roughly similar to the US.
I doubt if someone wants to introduce a backdoor, they would do that with a russian mailing address. People removed were open and transparent about their nationalities which means there is even less chance them being bad actors than some random guy pretending to be American.
Aren’t the removed commiters with direct access to the kernel? It’s not like it’s some rando that makes pull requests.
Free as in… obeys US foreign policy
I’m pretty sure not just the US wants Russia sanctioned to the oblivion. All of the Europe that borders Russia wants that. Now why would it be like that?
He’s gonna ban american and “israeli” maintainers too then, I guess?
Why? There aren’t any sanctions for them in Finland?
Linus said it was to prevent security backdoors.
Linus has never been the best communicator, but he usually speaks the truth. But this is just bonkers and wrong. Not everyone living in Russia has “ties with Russia” other than “they were born there”. If this is about sanctions, he could have still just told them that. But instead he just disrespected contributors completely and then double down in it by being xenophobic.
Hate to break it to you, but if you live in Russia and can be useful to the government, they will make you useful. Unless you don’t mind you, or your family suffering and dieing, there is no stopping that.
Russia has no law to protect its citizens, only to scare and oppress their citizens. If Russia wants you to do something, such as working in a backdoor in software, you have no choice. So it is a good choice to not leave that door wide open in my opinion.
It’s really disappointing seeing Russian contributors being disrespected like this, the regime that rules Russia wasn’t entirely their fault, and allegiance, nationality, and ethnicity are all clearly different things
Also, wouldn’t a state sponsored Russian hacker pretend to be from the US or something anyway? No way they’d contribute code as a Russian, that’d just increase others’ suspicion
I agree with Linus a lot too but I strongly disagree here. I hope he’s just being made to say this because of government policies
And the most dangerous part here is the whole rethoric of “if you disagree, you are a Russian shill”.
I don’t understand how sanctions can impact free software, tbh, what’s free about this? This leaves a weird taste, I have to admit.
Linux foundation is a US company, and he’s a EU citizen and there’s companies that those devs where employed that are under sanction , hot that hard to understand
Shame to see this shit from torvalds
fremdscham++
😬I’d really like to see the criteria for delisting people, though. As Russia is not the only one waging wars, there are worse countries out there. I guess it all boils down to Linus being from Finland.
There may be worse countries, but rest of the word is not in a proxy war with them.
Yeah the kernel might end up being forked if this shit keeps going. Sanctions affecting open source software like this was not something I expected…
Man, I wish he’d leave the communication to someone else. He is so, so bad at it. And this isn’t the first time
The way he attacks critics puts himself in a bad light. But much more importantly, I read this and am still unsure if he has administrative/legal reason, security reasons or political reasons…
If I’d work in Russian propaganda, I’d love this so much. Hope this will not cause disruption in the community.
It is inherently disruptive. And “knowing” Linus, if he apologizes for the communication, it won’t come soon enough.
Hm i never coded a line in my life, but i always wondered so honest question to the experts here: is it realistic that someone codes security back doors so hidden in other bad or wrong documented code, that nobody recognizes it in OSS community? I mean code is getting more complicated and specialized, dont you need more and more human resources (more than one person and hopefully not all with a bad intention) to check over that code? If im correct you shouldnt let more code into your software than the community is able to check an validate several times… Doesnt mean it has to be russians that need to be excluded idk
Yes, not only is it realistic, it has actually happened. It’s easier to write code than understand it. Even when reviewing code, you miss more or less obvious issues. Not to mention intentional vulnerabilities that can be sneaked in over multiple commits and time span long enough to make reviewers forget the larger context.
There will be a million security issues across all OSS. Some of it will be intentional; if so definitely don’t expect it to be a “findable” back door. It will be a set of vulnerabilities across several projects, that when combined allow the perpetrators privilege-escalations or a known path through a security system. Removing “Russians” from contribution doesn’t actually stop that, everyone can use a VPN and work as an American or whatever, but it does send a signal.
Interesting answers, thanks!
the comments on the article started off pretty good but pretty quickly devolved into a cancerous combination of NAFO and Hasbara.