LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

"Stable" kernel 2.6.25.7 released

"Stable" kernel 2.6.25.7 released

Posted Jun 18, 2008 14:13 UTC (Wed) by PaXTeam (subscriber, #24616)
In reply to: "Stable" kernel 2.6.25.7 released by NAR
Parent article: Stable kernel 2.6.25.7 released 

i don't think i ever talked about malice, what i did say was dishonesty (they're not the
same). dishonesty about having a commitment to the public yet doing something else behind the
scenes. no bad ill is required for such behaviour, my *guess* is that it's normal human
psychology: you don't need to deal with the problems you don't admit you have. just look at
last week's LWN interview with Andrew Morton (he's fully aware of what's going on on the
security lists) and how he downplays the problem of security bugs, almost as if they were on
the verge of dying out because they're in fringe driver code and so rarely in core code. yeah,
of course they're rare if they don't publish the security impact of those bugs. watch this
quote:

  That being said, I have the impression that most of our "security holes"
  are bugs in ancient crufty old code, mainly drivers, which nobody runs
  and which nobody even loads. So most metrics and measurements on kernel
  security holes are, I believe, misleading and unuseful.

of course said "metrics and measurements" are "misleading and unuseful" if the kernel devs
falsify the input data.

(Log in to post comments)

"Stable" kernel 2.6.25.7 released

Posted Jun 18, 2008 16:55 UTC (Wed) by nix (subscriber, #2304) [Link] 

Sheesh. Dishonesty *implies* bad intent. If something is accidental or unintentional it's not
dishonest.

(Quibbling over the meanings of words only works if you know what the meanings of those words
actually *are*.)

"Stable" kernel 2.6.25.7 released

Posted Jun 18, 2008 17:47 UTC (Wed) by PaXTeam (subscriber, #24616) [Link] 

> (Quibbling over the meanings of words only works if you know what the
> meanings of those words actually *are*.)

hear hear brother! and let me help you out while i'm at it:
http://dictionary.reference.com/search?q=malice . malice requires intent to harm another out
of hostility, or something like that, you're the native speaker, i'm sure you can interpret it
properly. now, the kernel devs did not actually want to do anything like that, they simply
wanted to save face and look better in statistics, or so. that's not malice, only dishonesty
(they did know what they committed to in Documentation/SecurityBugs and did violate that
promise).

> If something is accidental or unintentional it's not dishonest.

strawman warning ;)! the suppression of security info in the commits we pointed out as such
was neither accidental nor unintentional (nor malicious, just dishonest), so i have no idea
what you're talking about.

"Stable" kernel 2.6.25.7 released

Posted Jun 19, 2008 9:47 UTC (Thu) by nix (subscriber, #2304) [Link] 

If you're not a native speaker, might I suggest *not* engaging in vast flamewars based solely
on parsing fine details of the meanings of words?

(Sheesh.)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds