LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Stable kernel 2.6.27.5

Stable kernel 2.6.27.5

Posted Nov 9, 2008 14:51 UTC (Sun) by endecotp (guest, #36428)
In reply to: Stable kernel 2.6.27.5 by sbergman27
Parent article: Stable kernel 2.6.27.5

> I would prefer a more professional "Just the facts, Ma'am" approach
> to these things

I agree absolutely.

I honestly can't tell from the quoted message how important it is that I upgrade. On the face of it, it says I should upgrade. But it says it about four times with what look like jokes; is there some sort of "ironic" hidden message there that only regular LKML readers will understand? I'd be happiest if these announcements said - delete as appropriate -

(a) This release fixes known security problems;
(b) This release fixes some bugs that look bad but we don't really know if they are security issues or not;
(c) This release fixes serious bugs, but if you aren't using the affected drivers you'll not benefit from upgrading.

And get rid of the jokes.

(Log in to post comments)

Stable kernel 2.6.27.5

Posted Nov 9, 2008 16:11 UTC (Sun) by TRauMa (guest, #16483) [Link]

Why don't you use a vendor kernel, ie. one from redhat or novell. That way you get update notices without any trace of humor and clear upgrade instructions (basically, "install this, now, security fixes"). If it troubles you that the *release notes* are too unprofessional for direct enterprise consumption, you really should be more worried about the kernel itself.

Stable kernel 2.6.27.5

Posted Nov 9, 2008 16:29 UTC (Sun) by PaXTeam (subscriber, #24616) [Link]

> Why don't you use a vendor kernel, ie. one from redhat or novell.

what makes you think that all the world's needs can be satisfied with those kernels? clearly that's not the case.

Stable kernel 2.6.27.5

Posted Nov 9, 2008 17:31 UTC (Sun) by xorbe (subscriber, #3165) [Link]

If OP is in a position that he must roll out bleeding edge kernels, and he can't figure out what was fixed from kernel to kernel without being spoonfed endecotp-approved emails that accompany a kernel patch announcement...

World's needs? No. Enterprise needs? Sure.

Posted Nov 9, 2008 17:32 UTC (Sun) by khim (subscriber, #9252) [Link]

The fact is: nobody is interested in security. Not really. That's not what is selling. What you can sell (and for pretty hefty sum BTW) is perception of security. Vendor's kernels are perfect for this.

As for real security... Nothing is designed for it: linux is not designed for security, hardware is not designed with security in mind, etc... Yes, there are some things which can be used to enforce some [small] degree of security, but real protection is exchanged for 15%, 10% sometimes even 1% of additional speed!

I'm not even sure that's bad thing: sure OpenBSD is much better then Linux security-wise, but it can not be used as replacement because it's just too ineffective. If your OS can not process the data you want processed it does not matter if it's secure or not. Linux is learning this the hard way: Windows is chosen 9 times out of 10 instead of Linux because Linux (or rather set of programs available under Linux) is just not capable enough...

World's needs? No. Enterprise needs? Sure.

Posted Nov 9, 2008 22:26 UTC (Sun) by bojan (subscriber, #14302) [Link]

> perception of security

Yeah, that's what's being sold, just like with all other products. But, if a security hole gets fixed, it still makes the reality of running that kernel more secure.

World's needs? No. Enterprise needs? Sure.

Posted Nov 9, 2008 22:27 UTC (Sun) by efexis (guest, #26355) [Link]

That's not really too true. Security is very important to many people, just that as you move more into the corporate world, 'security' covers more aspects than purely hacker-proof. Unless your business is security, you're often not going to know it was well as someone else whose is, and you become more susceptible to marketing drives and "common knowledge" (which is fed by those who have the money to make what they want know to be "common knowledge").

There is plenty of interest in security, which is why so much /is/ designed with security in mind. But people have to learn, we're not born with the knowledge that we choose to live by or ignore. Most people just want it to be taken care of for them, and will pay, as learning how to secure your website, your computer, your car, your home, your communications... is a bit much for one person. Better to have different people specialise in different areas.

Stable kernel 2.6.27.5

Posted Nov 9, 2008 23:05 UTC (Sun) by endecotp (guest, #36428) [Link]

I'm not remotely concerned about how "professional" it seems. I am not an "enterprise" person. For example, I'm not much concerned about things like spelling mistakes. I just want to be able to actually understand it.

OpenSolaris is your choice then...

Posted Nov 9, 2008 16:16 UTC (Sun) by khim (subscriber, #9252) [Link]

It looks like you want "professional" service like Sun and Microsoft are offering. Where release notes are carefully designed to cause retching assault in reader from too much bombast. Well, you know there are choices. Solaris, Windows or even MacOS X. Linux developers don't play these games - if you can not understood from the announcement that you really need to upgrade then probebly you should use something else...

OpenSolaris is your choice then...

Posted Nov 9, 2008 16:41 UTC (Sun) by sbergman27 (subscriber, #10767) [Link]

"""
It looks like you want "professional" service like Sun and Microsoft are offering.
"""

Linux, you're 17 years old now, and your mother and I know that you want to be treated like an adult. But if you want people to do that, you must start acting like one, at least in public. What you do privately on the mailing lists with your friends is your own business, of course, as it always has been. But when making public announcements on serious topics it's a different matter.

OpenSolaris is your choice then...

Posted Nov 10, 2008 15:18 UTC (Mon) by edmon (guest, #26395) [Link]

there is exact word for behavior that you just describe and the word is: hypocrisy

Stable kernel 2.6.27.5

Posted Nov 9, 2008 20:48 UTC (Sun) by efexis (guest, #26355) [Link]

These people don't serve you, they do what they do because they enjoy it. The idea of squeezing the life out of programmers to please bosses is just terrible. They already allow people to use their work for free, and allow anyone else to strip out the fun and make it corporate if they wish, which means there are people you can pay to get what you wish from it.

What you're talking about should happen at the distros. --strip-fun should not be applied upstream. Anyone who doesn't like it can go get their own hobby to not enjoy.

Stable kernel 2.6.27.5

Posted Nov 9, 2008 20:58 UTC (Sun) by sbergman27 (subscriber, #10767) [Link]

"""
These people don't serve you, they do what they do because they enjoy it.
"""

So Linux is a hobby OS?

Stable kernel 2.6.27.5

Posted Nov 9, 2008 22:58 UTC (Sun) by nix (subscriber, #2304) [Link]

Where does !hobby imply 'humour is not permitted, all signs of life and
personality must be squeezed out'?

Stable kernel 2.6.27.5

Posted Nov 9, 2008 23:34 UTC (Sun) by sbergman27 (subscriber, #10767) [Link]

I make a distinction between horseplay on the mailing lists and inappropriate flippancy in release announcements, intended for public consumption, pertaining to serious subjects like, say, security vulnerabilities. Why some people are so eager to extrapolate from that position to one which prohibits the expression of emotion entirely is unknown. There is a time and place for levity, and a time and place for serious presentation of information. Confuse the two and credibility suffers. Most people learn that by the time they graduate from high school.

Stable kernel 2.6.27.5

Posted Nov 9, 2008 23:47 UTC (Sun) by bojan (subscriber, #14302) [Link]

To me, this:

> are strongly encouraged to upgrade. Very strongly. Did I mention that you all should upgrade? Seriously, what are you waiting for?

Is not even funny. It's sad that people releasing the kernel need to pretend like this and use euphemisms for "we fixed known security bugs in this release". And all while claiming that security bugs should not be treated differently than any other bugs.

If one knows about the problem and admits to it, at least one walks away from it with honesty still intact. Otherwise, one turns in a politician-like word-mincer.

Stable kernel 2.6.27.5

Posted Nov 10, 2008 10:28 UTC (Mon) by tialaramex (subscriber, #21167) [Link]

Watch that victory speech one more time. Isn't it (by your definition) inappropriate flippancy to use an address to the entire population of the world, upon being elected to the highest office in the most powerful nation, to tell your kids they can have a dog?

There's a saying in the army (a deadly serious profession if ever there was one) that if you can't take a joke you shouldn't have joined. Black humour indeed since the saying is thought to originate from the period of conscription. But they're quite serious. Refusing to see the funny side doesn't give you credibility, it makes you look inhuman.

This announcement conveys its message (what was released, and what you should do about it) and it has a little fun. I'm sure any number of software release RSS feeds relayed it in a form suitable for machines, lacking any humour or humanity and you are welcome to subscribe.

Stable kernel 2.6.27.5

Posted Nov 10, 2008 11:58 UTC (Mon) by bojan (subscriber, #14302) [Link]

> to tell your kids they can have a dog

So, he was referring there to some specific policy of the new administration? I don't think so.

On the other hand, this release of Linux refers to serious security issues with weasel words in an (unsuccessful) attempt to be funny. If the release notes were peppered with real words explaining the reasons for being strongly encouraged to upgrade, then it may even have been funny.

Stable kernel 2.6.27.5

Posted Nov 10, 2008 14:46 UTC (Mon) by sbergman27 (subscriber, #10767) [Link]

I find it fascinating just how far some fans will go in defending their team when a member of that team exercises poor judgement in public.

Stable kernel 2.6.27.5

Posted Nov 10, 2008 17:05 UTC (Mon) by drag (subscriber, #31333) [Link]

To be honest I don't think being flippant is a very bad thing. Even in public. It's somewhat bad, but not enough to make me care.

I am tired of P.C. and corporate-speak and all that shit. I've been hearing it all my life and all it's really used for is trying to obscure the facts and slip in subtle advertisements rather then transmitting honest information. It's confusing, irritating, and usually somewhat dishonest. That is what I call a 'bad thing'.

Between this kernel announcement and the horseshit, misleading information, and out and out lies that I see continuously on anti-virus websites and all sorts of other security-related software and corporate announcements/pronouncements/press releases... I'll take a flippant kernel announcement every time.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds