Linux Leader Expounds on His Colorful Comments
Somewhat known for his vivid — and sometimes vituperative — commentary, Linus Torvalds is no stranger to controversy. That experience may do him well this week, as the torches and pitchforks have come out and are marching his way after an interview with Network World reignited the flames fanned by last month's colorful commentary on security.
Just over a month ago, a message from the Hacker-in-Chief hit the Linux kernel mailing list with a detailed description of just how Mr. Torvalds feels about "security people" and the culture they promote. The message — which included such memorable phrases as "a bunch of masturbating monkeys" — caused an uproar among security advocates, particularly in the OpenBSD community, which was singled out by name.
The controversy is back on the front pages this week, as Linus rehashed the issue in his Network World interview, saying he's fed up with the "security circus," describing it as PR posturing on the part of two different, but equally irritating, camps. On one side, he says, are those who want total secrecy, refusing to disclose any bug until it has been patched, and on the other are those who "revel" in finding and disclosing bugs, which he attributes to a desire to embarrass vendors — "proof that the vendors are corrupt and crap, which admittedly mostly are." Torvalds described both groups as "crazy" and "idiots" more interested in the publicity surrounding their work than actually patching the vulnerabilities.
Linus says he practices a middle path — "the Unix model" — where bugs are reported privately, but are not kept secret indefinitely, vendors are compelled to patch vulnerabilities, without being publicly shamed, and the focus remains on fixing bugs and produces as little fanfare as possible. While that may certainly be the case for kernel bugs, "as little fanfare as possible" certainly doesn't describe the reception of his comments.
Justin Ryan is a Contributing Editor for Linux Journal.
|Chemistry on the Desktop||Mar 23, 2017|
|Five HPC Cost Considerations to Maximize ROI||Mar 23, 2017|
|Two Ways GDPR Will Change Your Data Storage Solution||Mar 22, 2017|
|Android Candy: That App Is for the Birds!||Mar 22, 2017|
|Hodge Podge||Mar 21, 2017|
|William Rothwell and Nick Garner's Certified Ethical Hacker Complete Video Course (Pearson IT Certification)||Mar 20, 2017|
- nginx and WordPress
- Two Factors Are Better Than One
- Polishing the wegrep Wrapper Script
- Let's Automate Let's Encrypt
- Spinning and Text Processing
- Finishing Up the Content Spinner
- IGEL Universal Desktop Converter
- Securing the Programmer
- Dave Taylor and Brandon Perry's Wicked Cool Shell Scripts (No Starch Press)