Linux Leader Expounds on His Colorful Comments
Somewhat known for his vivid — and sometimes vituperative — commentary, Linus Torvalds is no stranger to controversy. That experience may do him well this week, as the torches and pitchforks have come out and are marching his way after an interview with Network World reignited the flames fanned by last month's colorful commentary on security.
Just over a month ago, a message from the Hacker-in-Chief hit the Linux kernel mailing list with a detailed description of just how Mr. Torvalds feels about "security people" and the culture they promote. The message — which included such memorable phrases as "a bunch of masturbating monkeys" — caused an uproar among security advocates, particularly in the OpenBSD community, which was singled out by name.
The controversy is back on the front pages this week, as Linus rehashed the issue in his Network World interview, saying he's fed up with the "security circus," describing it as PR posturing on the part of two different, but equally irritating, camps. On one side, he says, are those who want total secrecy, refusing to disclose any bug until it has been patched, and on the other are those who "revel" in finding and disclosing bugs, which he attributes to a desire to embarrass vendors — "proof that the vendors are corrupt and crap, which admittedly mostly are." Torvalds described both groups as "crazy" and "idiots" more interested in the publicity surrounding their work than actually patching the vulnerabilities.
Linus says he practices a middle path — "the Unix model" — where bugs are reported privately, but are not kept secret indefinitely, vendors are compelled to patch vulnerabilities, without being publicly shamed, and the focus remains on fixing bugs and produces as little fanfare as possible. While that may certainly be the case for kernel bugs, "as little fanfare as possible" certainly doesn't describe the reception of his comments.
Justin Ryan is a Contributing Editor for Linux Journal.
|PHP for Non-Developers||Jun 30, 2015|
|A Code Boot Camp for Underprivileged Kids||Jun 30, 2015|
|Comprehensive Identity Management and Audit for Red Hat Enterprise Linux||Jun 29, 2015|
|Linux Kernel 4.1 Released||Jun 26, 2015|
|Secure Server Deployments in Hostile Territory||Jun 25, 2015|
|Take Control of Growing Redis NoSQL Server Clusters||Jun 24, 2015|
- PHP for Non-Developers
- A Code Boot Camp for Underprivileged Kids
- Linux Kernel 4.1 Released
- Secure Server Deployments in Hostile Territory
- Comprehensive Identity Management and Audit for Red Hat Enterprise Linux
- Django Templates
- Cinnamon 2.6 Released
- Gettin' Sticky with It
- Practical Books for the Most Technical People on the Planet
- The AtoMiC Toolkit!