Not logged in
Log in now
Create an account
Subscribe to LWN
Deadline scheduling: coming soon?
LWN.net Weekly Edition for November 27, 2013
ACPI for ARM?
LWN.net Weekly Edition for November 21, 2013
GNU virtual private Ethernet
At least now security people will *maybe* be listened to a bit more carefully, at least I hope so.
KS2011: Kernel.org report
Posted Oct 25, 2011 10:01 UTC (Tue) by dgm (subscriber, #49227)
Kernel developers care a great deal about security, only not of the circus variety. CVE numbers and stuff do not make systems more secure, less bugs do.
And for what I can tell, people that say reasonable things do get listened to. Those just whoring for attention do tend to get ignored, though.
That language about "security people" is part of the problem. You're a contributor, or you're not. If you're soo cool that you need to distinguish yourself from the rest of the pack, maybe you should consider a career as a designer instead. The LKML will not give you the kind of reward you expect.
Posted Oct 28, 2011 20:12 UTC (Fri) by giraffedata (subscriber, #1954)
Your implication is that they were wrong to ignore the security vulnerabilities in kernel.org before and right to worry about them now. The opposite could be true too. As the risk is not greater now than before this compromise, aren't kernel.org people overreacting?
This is the same thing that always perplexes me when a person starts wearing a seat belt because a celebrity died by not wearing one. It's hard to believe the person has significantly more information about the risks of driving beltless after that one death, but there's a lot of psychology involved.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds