• Kronusdark@lemmy.world
    link
    fedilink
    English
    arrow-up
    202
    ·
    28 days ago

    I think given the current political situation this is the right call. No one knows what the Russian government might compel otherwise innocent devs to do.

    That said, we (and I mean society, not any particular individual) should be mindful that we don’t slip into bigotry.

    • ____@infosec.pub
      link
      fedilink
      English
      arrow-up
      62
      ·
      28 days ago

      I’ve worked side by side with RU devs who were both personable and damned competent. Never were their tech skills in doubt, and I retain quite a bit of respect for those individuals.

      I’d not do the same today explicitly because of the political and compliance implications. It’s unfortunate, but necessary.

      • polar@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        28 days ago

        Again, with open software that is not necessary… If we get to believe that argument, those potential “FSB” coders would be the ones who would notice if the CIA was trying to place a back door in the kernel too. Open Software is OPEN!!

        • Would they? The XZ utils backdoor was only discovered by what can only be described as an insanely attentive developer who happened to be testing something unrelated and who happened to notice a small increase in the startup time of the library, and was curious enough to go and figure out why.

          Open does not mean “can’t be backdoored”.

          • polar@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            28 days ago

            Can you explain me why Linux waited till the very last moment of the Executive Order 14071’s grace period (the order is from April 2022!) to apply it? Obviously he trusted those people, or the verification system of the open system! Imagine you don’t like a political party for bad… fair enough, so you ban their representatives from voting table… don’t you think, that incentivizes the other party committing fraud? In these open system things, the more eyes the better, I don’t care if commies, libertarians, ultra-right or whatever, the diversity is what keep it in check…

            • bloodfart@lemmy.ml
              link
              fedilink
              English
              arrow-up
              18
              ·
              28 days ago

              Slow walking compliance is normal. It keeps assets liquid and processes & people in place as long as possible before making changes. It also prevents the cost of changing back and forth if a new rule is struck down before its final date.

              What will happen often is that a compliant procedure will be developed as soon as possible, but no changes will be made until absolutely necessary. That gives the organization maximum time to figure out other routes of compliance, fight the rule and continue at pace before they change.

        • TheTechnician27@lemmy.world
          link
          fedilink
          English
          arrow-up
          34
          ·
          edit-2
          28 days ago

          This coming from the brilliant mind who thinks Russia’s neighbors are better off neutral toward it and victim blames countries like Ukraine which have been invaded by it, routinely spreads pro-Russia propaganda on Lemmy and nothing else, and has suspiciously Russian-y broken English.

          Edit: Also, as other commenters have correctly pointed out, Russian citizens being allowed to be maintainers of the Linux project has fuck-all to do with the actual principles of open software as defined either by the FSF or the OSI.

          • polar@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            28 days ago

            Ukraine was invaded after a coup (when elections was 11 months away and polls say would turned pro-western anyways in their typical rotation). Yes Finland, Switzerland and Austria were non NATO are prospered fine, I would say even thrived. Same as Singapore with China. Of course, you can take the Cuba route and bring the nuclear missiles from Moscow, surely US will leave it fine. Side the side you want, keep a strong army but don’t join any military alliance seems to be the recipe for success when you leave close to a power you don’t like.

            • TheTechnician27@lemmy.world
              link
              fedilink
              English
              arrow-up
              40
              ·
              edit-2
              28 days ago

              I would say even thrived

              Finland has to keep one of the largest militaries on Earth solely due to their proximity with Russia, and they barely fended them off in the 1940s. Ukraine was the last straw, and they decided to join NATO. Switzerland??? Are you fucking high? Go look at a fucking map and see where Switzerland is, holy shit. Austria is once again fully enclosed by NATO countries except a small border with Switzerland to the west.

              I’m not even addressing the rest of the comment; citing Switzerland alone was too stupid for your worthless, propagandist drivel to be worth my time.

              • polar@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                28 days ago

                Usually countries have to decide between butter and guns (eco 101). Well, such “largest militaries on Earth” had it both! Like Switzerland, you do have to keep a strong military to dissuade, but aligning to a alliance when you are the spearhead is bad. Switzerland had made an alliance with France or Germany a century ago, would not have ended non invaded, 100% guaranteed.

              • polar@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                28 days ago

                intelligent counterargument… and ten upvotes. cool; disappointment a Lemmy community; seem just like another echo chamber as X.

                • Maiznieks@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  6
                  ·
                  28 days ago

                  I hope it makes your opinion unwelcome, come back when you grow up as a part of normal member of society.

                  Because noone actually added a pro-western opinion but rather rebutted your pro-russian tankie bs. And by bs i mean complete nonsense that fails to see a simple comparison of how west does not interfere and expand it’s territory on behalf of it’s neighbors through lies, sabotage and military, but russia does and has for decades. That’s the main reason why it’s neighbours have to spend on military instead of society growth, and now they have realised the tolerance or staying neutral does not work on country that has not grown as a respectful and healthy society member which is proven exactly by your comments.

                  Pretty sure you won’t be even bothered to read the whole comment and think it’s “huinya”, i know it because i live in a neighbouring country and i know it first hand it sucks to live next to russia.

      • reksas@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        5
        ·
        28 days ago

        i wish there was more we could do to help russians topple their dictatorship

    • geography082@lemm.ee
      link
      fedilink
      English
      arrow-up
      28
      ·
      28 days ago

      Linux Fundarion is based in America. It needs to follow its rules and politics. I guess a lot of things will happen after this. As something so important for open technology like It , should be based in a more open, mor asvanced in laws and neutral territory.

      • EarthShipTechIntern@lemm.ee
        link
        fedilink
        English
        arrow-up
        34
        ·
        28 days ago

        Linus is from Finland. Not hard to remember reasons for aversion to Russian propaganda for anyone raised near it.

        Blanketing the Linux Foundation as American based kind of sounds like you’re a Russian troll.

        • DrDystopia@lemy.lol
          link
          fedilink
          English
          arrow-up
          5
          ·
          28 days ago

          Calling out others as a Russian troll sound like a technique to shift scrutiny onto others.

          Exactly what a Russian troll would do!

        • polar@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          28 days ago

          You would think someone from Finland would know better that, when you are so close to a power you don’t like, the best way to prosper is by keeping neutrality,… look at Finland in the 60s-00s, Singapore, Austria… or you choose to pick the Ukrainian, Filipino and Cuban path…

        • geography082@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          26 days ago

          Heheheh paranoia fue. And no, just read on internet where is based. California so be precise

      • UnderpantsWeevil@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        28 days ago

        This is hardly the first time the core Linux code stack has been forked and independently developed. Seems like this is going to invite a Russia-specific development environment that just pulls in updates from the main branch and adds in Russia-internal development (which will likely then be copied by non-Russians and backloaded into the core Linux stack under someone else’s name, because why waste good dev work?)

        But the argument appears to be anyone with a Russian-sounding name is getting removed from the core development team, until they can prove to the American team that they aren’t… spooks, I guess? Also

        The driver code to which the dropped maintainers contributed remains in place.

        So this isn’t such a high security risk that the code is being pulled (presumably because its been vetted and appears beyond repute). This is purely a CYA move to eliminate veterans on the team because they were forthright about their identities.

        should be based in a more open, mor asvanced in laws and neutral territory.

        Its not clear how a policy of booting people based on their surnames accomplishes this.

    • jagged_circle@feddit.nl
      link
      fedilink
      English
      arrow-up
      14
      ·
      28 days ago

      With that logic, the US contributes should be expelled too. We have more examples of US folks being served NSLs than Russians.

      • UnderpantsWeevil@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        28 days ago

        Its an American-based venture, owned and operated by American businessmen. They’re not going to burn their own guys, even if some of them are spooks (no evidence that anyone on the core dev team is a spook, but crazy to think the FSB would have people in and the Five-Eyes guys wouldn’t).

        I do wonder how long until we start seeing mainstream code-forks that span geopolitical regions. Will we have a Digital Iron Curtain, with BRICS countries doing their own FOSS branches independently of NATO block?

        • jagged_circle@feddit.nl
          link
          fedilink
          English
          arrow-up
          6
          ·
          edit-2
          28 days ago

          Many European companies canceled contracts with US companies because of the NSL risk. I don’t think the devide is NATO. The US laws are a threat to security and privacy everywhere

          • UnderpantsWeevil@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            28 days ago

            Many European companies canceled contracts with US companies because of the NSL risk.

            I’d be curious to see who they were. My guess is that they are relatively small and easy enough to circumvent without breaking ties with America as a whole.

            But I’m not seeing Exxon, Boeing, or Microsoft pull out of Europe, despite being deeply embedded with sanctioned regimes.

            • jagged_circle@feddit.nl
              link
              fedilink
              English
              arrow-up
              3
              ·
              28 days ago

              Biden literally introduced legislation to prevent it because it was a mass exodus. The companies you mentioned are US companies. I mean EU companies won’t use US MSPs because of the risk

        • jagged_circle@feddit.nl
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          28 days ago

          All that says is that there’s a lot of people ITT who don’t know what a downvote button is for, and the mods aren’t doing their job

      • Ninjasftw@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        28 days ago

        Lol because russian is so open about who they give nsl to. Or they just poison/defenestrate them

    • polar@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      28 days ago

      What current situation?

      1. Is so hard to believe Open Source should be open? If there were a malicious intent, others would have been able to detect it in no time… because it is ‘open’! If the open system works, it should not matter there are CIA or FSB, commies or libertarians “infiltrated” making the code.

      2. If those Russians had been in that position is because their contributions have been stellar, otherwise they would never have gotten there. Their contribution and effort has been robbed from them just because they mothers give them birth in the wrong coordinates.

      3. Linus is a god for many of us… with human traits though… His Finland, although historically robbed by Russia, achieved its highest splendor during the decades of neutrality, not by fiercely antagonizing one or the other power… same as Switzerland, Ireland, Austria and Singapore.

      4. All this started with a US law so he has to comply with. However, instead of those unhelpful comments, he should say that in open software it is unwarranted… not to mention countries can get sanctions for their actions, but not civilians that cannot choose where they are born.

      5. If we are to believe that Moscow is trying to put something into the kernel “undetected”… gosh, what an organization based on the US with a so pro-establishment leader may be doing so? For real, now I am starting having my doubts on the kernel!

      • GreenKnight23@lemmy.world
        link
        fedilink
        English
        arrow-up
        17
        ·
        28 days ago

        you lost me at this

        If there were a malicious intent, others would have been able to detect it in no time… because it is ‘open’!

        not sure if troll or just really ignorant.

        • polar@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          28 days ago

          Executive Order 14071 is more than 2 yrs old… Linus waited till the grace deadline (in 1 week) to apply it, obviously he found it non necessary all this time and he trusted those Russians until the grace period expires. No, not so ignorant, nor a troll. And yes, Open systems is easy to detect maliciousness, better yet, you can pin point who contributed what for everyone to see.

          • GreenKnight23@lemmy.world
            link
            fedilink
            English
            arrow-up
            9
            ·
            28 days ago

            blah blah blah. you’re obviously trolling or have no idea how FOSS is developed.

            if FOSS is so secure then why is it a popular attack vector for Russian and Chinese espionage?

            just because something is public doesn’t make it inherently more secure, I’m honestly disappointed in your dangerous and clearly flawed take on FOSS.

            FOSS is great, but it’s really no more and no less secure than closed sourced software.

            • polar@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              28 days ago

              So why Linus waited 2 years and a half to apply the Order until the grace period expires? He obviously does not like Russia, but he did trust those individuals (or system)!

              • GreenKnight23@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                ·
                28 days ago

                I don’t care and I’m not going to argue the point you want to make because it’s frivolous.

                he’s the maintainer, he can do whatever the fuck he wants whenever the fuck he wants and to whomever the fuck he wants on his project.

      • polar@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        28 days ago

        My very fist post on lemmy and already see the upvote downvote game… When someone votes should be demanded a public reason, no?

        • DrDystopia@lemy.lol
          link
          fedilink
          English
          arrow-up
          1
          ·
          27 days ago

          At this point I’m just hanging out in this thread to block people with replies so awful I don’t think we’ll ever have the possibility to have a civil discussion about anything whatsoever, ever.

          It doesn’t even matter what “side” people take, it’s just 80% garbage here now.

    • IcePee@lemmy.beru.co
      link
      fedilink
      English
      arrow-up
      6
      ·
      28 days ago

      Not gonna lie, this is kinda a refutation of the whole open source model. I was led to believe that it shouldn’t matter who writes the code, as long the code is able to be interrogated/corrected.

      • jagged_circle@feddit.nl
        link
        fedilink
        English
        arrow-up
        28
        ·
        edit-2
        28 days ago

        All of it is. But its still possible to sneak backdoors into Foss software (though magnitudes harder). See xz.

        • polar@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          28 days ago

          If you can sneak backdoors, removing one side, would not make the other side, even if you consider the good one, be even more able to sneak one too. In election tables, what guarantees transparency is everyone represented at the table, not banning one side.

          • jagged_circle@feddit.nl
            link
            fedilink
            English
            arrow-up
            5
            ·
            28 days ago

            But NSLs force them to do it, and prevent them from talking about it. This is a bigger risk than something like the xz attack, because the barrier of entry is so low

    • index@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      27 days ago

      The current ceo of usa is supporting a genocide in gaza and the former ceo is a fascist. Does the same logic apply here?

      • lefaucet@slrpnk.net
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        27 days ago

        I think pressure should be put on the US to divest from genocide. Sanctions from our allies would be helpful… Surely with the international court declaring Israel’s actions a war crime it is easy to make a case for it.

        Our election system has fucked over anti-zionists and needs reforming, which is happening, but not by this November.

        Ranked choice voting is gaining popularity, electoral college is under pressure and people are fed up with voter suppression and gerrymandering and things are moving in a positive direction on the local and state levels.