Linus Torvalds is quality! The coding world needs more highly opinionated lead programmers like this.
He's on the money with this rant, as he usually is.
Linux overlord Linus Torvalds has again vented his spleen online, taking on Red Hat employee David Howells with a series of expletive-laden posts on the topic of X.509 public key management standard. The action takes place on the Linux Kernel Mailing List, with Howell posting a request that Torvalds “pull this patchset please …
Linus rants for good reasons, yes. He's actually quite reserved; I recall being in an IRC channel in the mid 90s when someone was debating kernel design with him and heavily implying that he was an idiot at every turn in a really remarkably condescending way. Linus conceded the point at issue and left.
After Linus left the other people on channel told the person who the user account belonged to. Some level of amusement occurred.
This post has been deleted by its author
Absolutely. This shit is the epitome of the rot that's infected the IT industry for the last few decades. Malignant mega-corporations trying to achieve global domination by fucking up the competition with wilfully incompetent "standards". It's infected EVERYTHING... protocols, file formats, interfaces, EVERYWHERE... even supposedly "open" "standards"... OOXML anyone? The WWW? This whole ask Microsoft Inc for permission to boot your machine(s) is clearly madness. Madness by design. No one in the world is able to come up with a secure method to authenticate a boot sequence which doesn't involve begging the Microsoft Corporation for its blessing? Yeah, right... and I'm the fucking pope.
Clearly the politicians are far too stupid/corrupt to do anything about it. Fortunately Torvalds isn't a malignant mega-corporation. He seems to want to just get on with managing his kernel, rather than be diverted into playing stupid power games and subterfuge.
<-- A virtual Carlsberg for probably the best manager in the IT world.
::Furiously uploading Lagunitas Brewing `Maximus` & Mendocino Brewing `Red Tail Ale`::
(Note to the Euros in the audience: Most European beer sold in the USofA (including the varietals that are actually brewed here in the lower 48) are intentionally infected with Methyl Mercaptin, aka "skunked". Not a nice thing, at all. Thankfully, we have some pretty decent brews of our own on this side of the pond.)
"Skunk" is considered a good flavo(u)r in beer amongst hoi poloi here in the US. Sad, but true.
It's a holdover from shipping beer from England to the colonies. Bottled beer wasn't considered all that important in the great scheme of things, so it was stowed on-deck, in sunlight. UV skunks beer. Try it ... Split a tasty brew between two glasses. Park one in the fridge, in the dark. The other in full sunlight, but in an ice-bath to keep the temperatures similar. Taste after 15 minutes. Then after 30. Then after 45 ...
It's also the reason they try to make Corona taste good by stuffing a wedge of lime into the bottle ... Clear glass isn't conducive to good beer on a beach. I won't comment on that narsty "Fosters" crap ...
On the bright side, IPAs were begot from this horror-show ...
Beer, because some of us actually understand it :-)
"If the glass has heavy metal in it then it blocks UV."
I did not know this.
I thought window glass was UV opaque but it's mostly sodium, calcium and potassium oxides, all of which I'd describe as "light," rather than say Iron or Lead (handy for windows on radioactive stuff).
"It's also the reason they try to make Corona taste good by stuffing a wedge of lime into the bottle ... Clear glass isn't conducive to good beer on a beach. I won't comment on that narsty "Fosters" crap ...
On the bright side, IPAs were begot from this horror-show ...
Beer, because some of us actually understand it :-)"
Though apparently, in your cod science corner, you don't understand UV's reluctance to pass through glass.
"Though apparently, in your cod science corner, you don't understand UV's reluctance to pass through glass."
Ever seen a "tanning booth"? What, exactly, are the light bulbs made out of?
During the meanwhile, my Spring Veggies are quite happily started in my potting sheds & greenhouses. All comfortably encased in your so-called "UV-proof" glass.
The mind boggles ... How can it be? Greenhouses are a figment of the imagination of growers, word-wide! There's no fucking way that plants can live behind glass!
I guess the only answer is "idiots abound" ...
"This whole ask Microsoft Inc for permission to boot your machine(s) is clearly madness. Madness by design."
Great rant, even got the facts wrong, so massively wrong, i makes the perfect ill informed rant we love here. Top mark for getting so many up-votes for your inaccuracy as well. I applaud you!
1. You can turn off secure boot, but Win8RT will not run without it.
2. x86 / x64 Win8 does not require Secure boot at all. So you can use Linux happily
3. If you want to run Linux on a RT machine, just turn off secure boot.
3. if you want to run Linux + 8RT on the same machine, you can use a work around...
Here take a look from Wiki.
" Canonical also maintains its own private key to sign installations of Ubuntu pre-loaded on certified OEM computers that run the operating system, and also plans to enforce a secure boot requirement as well—requiring both a Canonical key and a Microsoft key (for compatibility reasons) to be included in their firmware. Fedora also uses efilinux as a shim, but signs the kernel and GRUB with the key and maintains its own signing key."
Indeed. RedHat needs to sign it themselves and use the nuclear competition option if the manufacturers refuse to honor it.
If a manufacturer tries to refuse to honor a valid OS signing key by a valid OS vendor "because it will invalidate their MSFT compliance" then this is a competition commission/FTC matter. RedHat is both big enough to drive it through and "commercial" enough to have all the means and reasons to drive it through with the big four - Lenovo, HP, Dell and Acer. With MSFT history of competition violations they will end up paying another few billions into the "salvage nations with fraudulent accounts benevolent fund" before they can even say uncle. Either that or concede outright.
In both cases the end result will be MSFT scoring an own goal - creating an environment for shipping certified linux builds on par with their own stuff.
Oh please! if he were any more full of crap we could turn the guy into a methane farm! wanna know why drivers suck in Linux? Linus "I'm too good for an ABI, even though BSD, Solaris, Windows, OSX and even OS/2 has one" Torvalds.
And if you want to know what this is REALLY about and why MSFT has HAD to go SecureBoot look up "Win 7 SP1 all versions" on TPB. The pirates have a version of Windows that PASSES WGA and most people will never ever know that version of Win 7 they got from Joe's PC hut ain't legit. they tried WGA, that failed, that tried just giving OEMs VLKs, that failed, now they are down to secure boot because every other thing has been hacked by thieves.
But I say if Torvalds doesn't want to support SecureBoot? Good, keep Linux on ARM and the one vendor (AMD) that has chosen CoreBoot over UEFI. If you think Linux is great then vote with your wallets, buy ONLY Linux hardware, and we'll see if Linux has enough of a market to be worth supporting. i have a feeling though outside the server space the numbers will be lower than the margin for error.
@kb - so what you are saying is that in spite of the millions and millions of legitimate licenses that M$ sells in a year, those of us in IT would have to suffer thru SecureBoot because M$ is worried about a few percent being pirated? Fuck that. The whole PC industry shouldn't be borked just because M$ is losing a few percent of sales. We've already had to bend over and kiss our own asses for years to keep M$ happy. If M$ wants to make sure all copies of their OS are legit they should port it to the IBM mainframe and drop support for PCs, then see how long they maintain market dominance. The PC world should stay open and usable. Not all of us are total M$ whores, some of us have real work to do on these toy computers.
"@kb - so what you are saying is that in spite of the millions and millions of legitimate licenses that M$ sells in a year, those of us in IT would have to suffer thru SecureBoot because M$ is worried about a few percent being pirated? "
"The whole PC industry shouldn't be borked just because M$ is losing a few percent of sales. "
It's not like they have not done this before.
"We've already had to bend over and kiss our own asses for years to keep M$ happy."
And MS see no reason why you the
mark customer should not continue to do so.
"Not all of us are total M$ whores, some of us have real work to do on these toy computers."
But you're not using a copy of their OS to do it.
The bald turkey dancer hates that.
So what you seem to be saying is that Microsoft went with secure boot for the private purpose of maintaining and extending an effective monopoly, designed their implementation to inconvenience or prevent use by providers of other operating systems (Linux is not the only one), and arm-twisted hardware manufacturers with the threat of second tier status for noncompliance.
And you are OK with that? Go away!
Generally, there's no need to buy Linux hardware (HW) because most HW is Linux compatible or should that be 'Linux just works' most of the time with most HW (can Windows say that?).
I like MS. I think MS did a lot for the computer world. Where Linux and X didn't make it mainstream, Windows did. I'd go as far as saying that MS has been good for Linux because it's ideas about usability and OS marketing have been the light many Linux distros needed. Saying that, I like choice, I like freedom and I like tinkering; it's now time for MS to learn from Linux.
I also like AMD and ARM. ARM is the future but for now AMD is good value for money and easier to make use of in terms of mobo options and OS options (though many Linux OS's support ARM).
Whichever way we look at it, we'll most likely be in a Linux-ARM world before the end of the next decade. I look forward to the future's cometh ;)
This post has been deleted by its author
Exactly right, and you can believe Linus spoke to him quietly first.
He only rants at fools who don't listen and this is a classic example of corporate dogs breakfastery from Red Hat, again, the Linus -v- M$ battle is long over, we won.
There is 10 times more linux in mobile and embedded than on the desktop, and since the Bosch debacle burned BMW, Mercedes it will stay that way.
I was a Flight Vontrol meetin in Dessault the other day and some corporate suite gor as far as "Why don't you consider M$ RT?" for 5 engineers to tell hime we don't want our planes to crash fool!
Linus is one of the best developer of all time shown not only by the gernel but even more clearly by GIT.
There are three scenarios there:
1. MSFT forgets to renew key
2. Manufacturer forgets or fails to update to new key as the key is in loaded into the EFI even if MSFT does so
3. The computer is bricked during the update. Hello Samsung, what is the size of a X509 certificate record write into X509 once again?
There would be dismembered, gore-dripping, body parts lying around... His response to this crud is as measured as it can get, IMHO. This entire kerfuffle with regard to UEFI and secure boot is just a ploy to lock people into systems that violate their freedom and expose them to even more egregious exploitation.
For those who have to play the corporate tune, use terms like "business continuity risk", "lock in", "lack of second sourcing", "critical uncontrolled dependencies" - that will work because it spells either "risk" or "costly" - it's the only language management understands.
When I first heard about this shit, I knew what was behind this nefarious move.
Microslop and its hardware partners trying their best to turn PCs into locked down appliances.
They saw how stupid sheeple bought into the locked down garden of smartphones, and realized that lockdown could be extended to PCs with some work.
It doesn't take a fucking rocket scientist to see who the winners are.
And, of course, we all know who loses in this contest.
Not that I understand Red Hat, but why does Red Hat even care at this point, won't they go it alone and do what they will regardless? This might be wrong to state, but I think Red Hat just wants someone else to do their work for them, and of course reserving the opportunity for afterwards to say "At least we tried!" to the LInux community.
On a side note to induce conspiracy: Windows 8 isn't doing that great, and now Red Hat is professing they still want to make inroads with Microsoft? Reads as if Red Hat is trying to help Microsoft during Microsoft's struggling times. From the view of competition, this wouldn't of been too outrageous in 1999, but in 2013, when Microsoft is in decline....? I guess Red Hat isn't going to let Microsoft fail!
Is it too soon (or too late) to say F*ck You Red Hat?
You mean, he is not a slimy, corrupt and spineless "business person" like your paymasters ?
Horrible, indeed !
I say, buy Chinese or British CPUs if that is the only option to stop the UEFI $hit. And don't tell me you actually need those 2.8GHz from slimebag-bribery silicon Inc. If you don't use these insane resource-wasters like Gnome, Java KDE, alternative CPUs will be 100% OK.
Here's a list:
OK, you don't like UEFI or locking in - that's perfectly fine - but to say nobody could use the power of the most recent Intel CPUs is just fantasy.
Have fun encoding video for days that could have been done in hours, or playing x86 compiled Windows games (again, if you need the power, these are the things you end up doing).
I personally am glad to see that he isn't afraid to call it how he sees it. If he thinks it's stupid, I'm glad he has the nerve to call it so, bluntly and plainly without weasel words.
I would speculate, though, that a lot of the rest he is as ranty as he is, is simply because he is passionate about what he does. People who are passionate about what they do, they live and breathe it, and it flows through them. Drama is the inevitable side effect of someone who is that passionate about it.
That was just the point I was going to make, with the extension that it is good for Linux that he still feels such passion about it. You might argue that a bit of cruft in the kernel is nothing to get so bent out of shape about, but if you really are trying to make an OS that is as good as it can be, then the passion may be the best thing that Linux has going for it.
However, I think that better economic models might be even better. Concretely, I think Microsoft has AWFUL software and they would sell me nothing on their own merits. I use quite a bit of Microsoft's software simply because their economic models work so well that I have no choice. In various ways, Microsoft strips off my freedoms and forces me to use garbage, and Microsoft thinks they are offering me a 'meaningful and unconstrained) choice by letting me choose whether the biggest piece of their garbage I use is numbered 7 or 8. This is NOT freedom, and perhaps equally important, this is how evolution is slowed down.
For a better economic model for Linux, may I (again) suggest "reverse auction charity shares"? Unfortunately I lack passion about it.
That's fine if all Linus wants to do is preach to the choir while nobody else takes him seriously. As long as you wouldn't criticize <insert CEO you hate the most> for speaking the same way as him then I cannot fault your opinion. Still I wish he would represent Linux in a positive light to the general public and not just fanbois who accept anything he has as gospel. If he can't control his feelings when speaking then he just needs to get over himself and grow up or STFU.
@rcorrect, you think Linus was conversing with the general public? I really wish that were the case considering the topic but 98% of the population wouldn't know what they were talking about. If people can't understand the context then maybe they should, as you put it, STFU? huh?
FYI, the web is public but what you see isn't often targeted to the general world+dog. Besides content there's this thing called context. While proprietary businesses and governments may do these things behinds closed doors and disguise them as private matters, that's not how the OSS world works. Those coding GNU/Linux probably could care less what the "public" thinks when they are writing code but the public is welcome to look at it. Again, OSS is not old school business with lots of protectionist mechanisms disguised as corporate policy and politeness.
"@rcorrect, you think Linus was conversing with the general public?"
Good point. Most people are often childish when they're with their mates. This is no different to the Ballmer chair-throwing the OSS crowd are so fond of bringing up. Just done by someone who's said or done something you approve of.
"Again, OSS is not old school business with lots of protectionist mechanisms disguised as corporate policy and politeness."
Wow, what a bunch of free-thinking heroes. To borrow what you all say to each other.
"""As long as you wouldn't criticize <insert CEO you hate the most> for speaking the same way ..."""
I'd love it if every CEO (and other people in positions of economic of government power) would speak like this - this sounds like how adults communicate, and I know that some of those CEOs, at least some of the time, would like to be allowed to talk like that in public. I'd much prefer the occasional emotional expletive to flavorless, clean statements that are designed to make life easy for the relevant Legal and/or HR departments.
As a way to summarize what redhat wanted... Well I have the most loose of understanding when it comes to kernel code and uefi so this analogy could be entirely wrong.
Linux Kernel = manufacturer of a key component
Red Hat etc = consumer of said product.
Microsoft = competitor to both linux and red hat.
Microsoft have released a new security feature built into their hardware option, and they're enforcing this on others, there are ways around it however.
Red Hat could implement something like this themselves, but their lives would be easier if Linux kernel handled it for them, so they request "Can you implement Microsofts UEFI stuff?"
Linux turns around and say "no fuck off" why? Because not only is the idea stupid. It's not a kernel operation. The kernel has one job and one alone (well it's loads of small jobs that handle one job) UEFI is not one of those jobs. The moment they start allowing excess functionality to flood the kernel is the moment the kernel goes downhill. The fact that the kernel is (in comparison) streamlined is one of the main selling points of linux.
Okay this went from hardware to software very quickly. Fuck it carrying on.
Additional to keeping things streamlined. If they start letting excess bits go in now which aren't needed, it opens the floodgates. First UEFI, then encryption, then we'll start seeing things like GNOME built into the kernel.
If it can be done outside of the kernel, as well as it could be in the kernel, it doesn't belong in the kernel.
It's like buying a car with a GPS built in. You can either get a car for £50,000 or get it with GPS built in for £55000. OR you could buy the car for £50,000 and buy a tomtom for £100 that you just plug in. Costs less and you still have the same car.
Is not that far off.
I would suggest the use of a car, for a better analogy.
You have transportation needs, and all kinds of cars (and trucks) are available.
You can buy one that closely meets your needs, providing the basic functionality, and few bells and whistles, or you can go 'all out' and buy a luxury sedan, or colossal SUV.
What the luxury sedan/SUV option comes with is added bloat and potentially extra costs. If you go to a vehicle with power windows, and the power motor quits, you have the expense of repairing/replacing the motor. Linus takes a similar tact to the kernel. Keep all of that UNNEEDED SHIT OUT OF THE KERNEL. If you actually NEED that bloat, include it elsewhere. Why clog up the kernel with it.
So, I applaud that guy. His motto is:
Nice article but IMO you left some important details out. Now, I understand that we should obviously check the source material ourselves in order to form our opinion on it, but IMO the El Reg article as-is makes Linus look way more negative than he actually is.
The reason I think so is because your article never makes it clear as to why Linus thinks this is a stupid suggestion, Microsoft had nothing to do with that, something which can be read here (link to lkml.org):
"Umm. And which part of "We already support that, using standard X.509
certificates" did we suddenly miss?
So no. The PE file thing makes no sense what-so-ever. What you mention
we can already do, and we already do it *better*."
...in response to comments that RH only wanted to add functionality to the kernel which allows kernel module programmers to sign the module and vouch for it themselves.
If by "much of the world" you mean "Microsoft", yes. In watching this general topic with a certain amount of attentiveness for the last year or so, I nave not noticed others showing more than acquiescence in a move transparently aimed at cementing a monopoly and extending it to a new class of devices (not that MS seem to having much success with Windows RT). Code signing is not the real issue: Most or all of the code i install on Debian systems is signed and I think validated at installation time, although not at each use.
While secure boot may have some benefit in system management and attack detection/prevention, I don't feel that I actually own a piece of hardware if I do not receive, with it, the software required to generate a self-signed platform key and install and maintain the secure boot software validation key chain (including the platform key of my choice. And requiring me to trust Microsoft (or any other entity) to determine what software I install is a nonstarter - they have not earned that trust.
I don't know if you're aware of SecureBoot, it's part of the UEFI spec. MS are trying to make sure that competing OSes, particularly Linux, aren't prevented from running, when secure boot is switched on. In order to do this they have said that they will sign bootloaders for Linux distros for free, in order that the distros don't have to go to verisign.
Hmm... Not sure that telling the biggest Linux desktop/server player to fork the kernel would be a particularly good idea. It would be spectacularly bad for Linux. The vast majority of major linux users use RedHat derived OSes, they are not going to move from RedHat, the linux enthusiasts would start an ideological war a la OO/LO, but would likely loose as big business is so invested in Red Hat. You could well end up with Ubuntu for home, Red Hat for work...
"The vast majority of major linux users use RedHat derived OSes" - I am a bit skeptical about this statement, although it obviously is in need of a definition of "major." See:
This does not report usage, to be sure, but in the universe of Gnu/Linux users, high regard is likely to be followed by adoption, especially since the various distributions are substitutable one for another.
Linus is essentially defending Linux from becoming a project that is subverted by commercial interests. And please, don't believe there is a single "good corporation/company" around. ALL of them are subject to massive financial pressure/desire then and now. Maybe this time M$ dangled two billion dollars in front of Redhat to make them do their bidding. M$ already did this to Novell/SuSE, who complied by releasing a crap quality version of Linux. I suspect they did it to Canonical.
So Linux uses strong words to fend off the corrupt folks ? Rightly so. It is his DUTY.
"Linus is essentially defending Linux from becoming a project that is subverted by commercial interests."
Now, this is why I wrote my earlier comment because IMO this is only what this article insinuates but it isn't true perse. The way I see it Linus even stands way above petty stuff such as commercial interests; all he cares for is that the kernel which he maintains remains sane.
The reason I come to this conclusion is because "the evil Microsoft" themselves have also contributed code to the kernel. Not only that; one could even argue that their motivation for doing so was partly to get Linux to better co-exist within their Windows networks. But despite their commercial interests Linus still deemed their contributions to be valid enhancements to the kernel and as such they got implemented. IMO because Linus couldn't care less about those commercial interests but more so for getting solid additions to the kernel which he maintains.
Don't take my word for it; check out this link to a PDF file released by the Linux Foundation on kernel development. Go to page 11 (page 10 contains the header of the chart) and see for yourself what company made it into the top 20 list of kernel contributors.
This post has been deleted by its author
...Mr. Torvalds has shown himself to be unprofessional, abusive and a bully. Why do Linux allow him to stay in charge? In many territories what he has done would be a crime (verbal/written assault is still assault).
Would you lot forgive Ballmer, Ellison, Page, Cook, or Zukerberg if they behaved in such a rude an infantile manner? No. So why let Mr. Torvalds away with it?
If Linux wishes to be taken seriously, it's time Mr. Torvalds was removed.
You need to seriously reassess your values.
I could counter by saying "MTFU". But I won't. Sticks and stones an' all that.
What did you expect? A warm coco, a hug and a suggestion that perhaps a little tweaking would make sure everyone's teddies didn't cry?
No way...he was doing the kernel equivalent of trying to stick it in reverse while doing 80mph in the outside lane of the M1 at rush hour. I'd have been screaming and cursing too if you tried that in my car.
I'm not saying anything about the worthiness of the patch, all I am saying is that Mr. Torvalds' response was totally unprofessional and abusive. All he had to do was say:
"Not accepting this patch as it's not the kernel's job. The architecture is also wrong because of A, B, and C."
Did he? No. He launched into an expletive laden public attack and you lot loved it. Think how you'd feel if your manager or a hired-in contractor dressed you down the same way in front of your colleagues or on the street; would you just suck it up or would you report the person to HR (if not the police)?
Mr. Torvalds is beyond reproach. Double-standards, people; double-standards.
If someone comes out with something lacking any merit at all on a public forum/mailingList then they are accepting that their ideas may be assessed and possibly ridiculed if meriting it. In the same way someone comes on some forum and doesn't leave their real name just hiding behind the AC nonsense. The ideas proposed by the RedHat employee lacked any merit at all (IMHO), and needed to be categorised as such. Linus did that, whilst suggesting that they could be kept in user space. Suggest you look up bullying in the dictionary before making such utterings
"persistability" is on your birth certificate is it? No, didn't think so. You are just an anonymous, get over it.
"The ideas proposed by the RedHat employee lacked any merit at all (IMHO)"
That's fine. The patch can be rejected.
bully, noun: A person who is habitually cruel or overbearing, especially to smaller or weaker people; A hired ruffian; a thug.
Seems to fit Mr. Torvalds rather well based on his current actions.
I have no issue at all with Mr. Torvalds rejecting updates to the kernel; I have every issue with him acting in this bullying manner. We wouldn't tolerate it from any other executive, elected official or public person; so why should we tolerate it from him? High time the Linux Foundation censured him.
This post has been deleted by its author
"Not educating people can be considered a harm."
"Forcing people to suffer a public (and expletive laden) assault is not considered a harm?"
No, it isn't.
Also, no'one's being forced to "suffer" being told they're being stupid. They avoid it by not persisting in being stupid in a public forum.
"You need to seriously reassess your values."
No, I really don't. Telling people they're being stupid when they're being stupid is not necessarily a bad outcome, even if you do it using firey language.
@AC 11:39 - Yeah, but we're only holding Linus up to the standards of the society in which we and he lives. Not asking for any special favours because he grew up in a completely different culture. In fact, he grew up in Finland, where this sort of behaviour would not be tolerated in a company.
OSS is not a company, it's basically like a large charity full of talented volunteers giving their free time to make something useful for the benefit of anyone who fancies playing with it. A corporation, having sold a product with certain gaurantees has a duty to the customer and the employees of the company to ensure that everyone behaves or they will incur finanical or legal issues.
Linux started the Linux kernel on his own ( note that Linus is just handling the kernel, what gets slapped on top is none of his business ), so technically it's his "ball" and he can pick it up anytime he likes and bugger off with it. It's not a corportation or an owned entitiy, so he can do whatever he likes. IF he's seen as a dick once too often then the people "working" for him have a choice tell him or they can walk if they like and there's no finanical penalties for anyone.
All those other you mentioned are beholden to their shareholders and to a large extent those people's wages ( via huge stock options ) are based on company performance, Ellison, Gates, etc act like pricks the shareholders start a ruckus, the board asks questions and financial penalties can be put in place to bring the CEO to heel. Linus goes a bit loopy at some volunteers they can happily tell him to stick his kernel code up his compiler and walk off.
>>Would you lot forgive Ballmer, Ellison, Page, Cook, or Zukerberg if they behaved in such a rude an infantile manner? No. So why let Mr. Torvalds away with it?
Nice that others understand my earlier points. Just have a look at the related stories for this article. It makes me sad to see someone I admire acting like a b*tch. If Linux can't control his emotions for his own good then he should do it for the community.
'SHUT THE F**K UP!' The moment Linus Torvalds ruined a dev's year (4 January 2013)
Torvalds: I want to be nice, and curse less, but it's just not in me (7 November 2012)
KDE 'annoys the hell of' Linus Torvalds (5 November 2012)
Linux on ARM breakthrough to take away Torvalds' arse pain (10 October 2012)
Torvalds bellows: 'The GNOME PEOPLE are in TOTAL DENIAL' (4 September 2012)
Linus Torvalds drops F-bomb on NVIDIA (18 June 2012)
'Kill yourself now' - Torvalds throws openSUSE security tantrum (29 February 2012)
UEFI is a bloated piece of crap and is now a wedge for Microsoft to prevent alternative operating systems. I wish mobo vendors would switch to Coreboot (LinuxBIOS) or something simple. All I ever want in a BIOS is hardware initialization and a boot menu that can load ELF images from ext2/3/4.
" All I ever want in a BIOS is hardware initialization and a boot menu that can load ELF images from ext2/3/4
..... and all MS supposedly want is hardware that can load MS images....
So how are you any different?
What about the people who want to boot ufs2 or something else for that matter...
People often moan that Americans think the world consists of "America" and "Not America"
Unfortunately, many Linux people think the OS world consists of "Linux" and "Not Linux"
Linux comes out with ALSA (with the L actually standing for 'Linux)' simply because they couldn't get right their version of OSS (mixing/latency problems which are non-existent in other OSs).
devfs doesn't work properly, but instead of fixing it, they come up with udev : http://linux.about.com/od/srl_howto/a/hwtsrl12t07.htm
Sigh. Linux may be open-source, but you have to laugh when the linux people say how 'free' and portable Linux stuff is when compared to MS windows, but "embrace and extend" can often be applied to Linux/GNU and apps too
Anonymous coward wrote: "ALSA and udev problems does not entitle Microsoft to prevent every other OS from booting on a general purpose PC. What's your point here ?
I went off on a tangent a bit, about how some people who generally want openness really mean "so it will work with Linux", but I agree with your comment above. The point is, I'm sure that if the UEFI issue *didn't* affect Linux distros, there would hardly be a whimper from many of the Linux people about openness and the freedom to run *any* OS.
Altes Schlactross wrote: "Mr Jones is just a $hill."
I never normally reply to people who use "$" instead of "s". It smacks of immaturity. But thanks for helping prove my point - just because I dare criticise something to do with Linux, I'm automatically an MS groupie?
I use Linux, but it's not my primary system. Apart from fixing friends computers, I haven't used any MS products in over 10 years. (And no, this doesn't mean I'm an Apple shill either) - Thank-you for your response, though!
Would the Reg moderators please start enforcing the ban on accusations of shilling? Really, I don't know why you people bother to publish Ts&Cs for commenting if you let everyone ignore them.
Children like Schlachtross shouting "shill" in every other post are beyond tiresome - they demonstrate their own inability to think critically or mount an actual argument. It's noise, pure and simple.
He sounds a bit different here:
In brief, the Linux world is too disjointed to coordinate their negotiations with vendors. Fedora took a highly ethical approach and decided not to go it alone because of their power in comparison to other distros. So the result is that the MS approach was not only the most cost effective, but also apparently accepted (albeit reluctantly) by Torvalds.
Has he changed his tune?
This post has been deleted by a moderator
This post has been deleted by its author
Every serious movement relies on the motivated foot soldier. Well done private Eadon !
Now, waste no time and take you that $hitlobbing catapult behind the hill on the left side ! According to reports, it is manned by the 17th brigade of the shell-less snails from the province of sharepointia.
Some people think grouchy = genius, and it doesn't work that way.
But the big problem is you can't assign staff to work with him without opening yourself up to lawsuits.
You can't claim in court you didn't know Torvalds was like this, that he might treat your employees like this, but you assigned someone to deal with him and his organization.
You're always at risk of this person you've assigned your staff to work for being subjected to public harassment and international coverage of that humiliation.
Even if a staff member volunteers to deal with Torvalds you can still be found legally libel for failing to prevent the harassment.
i can't blame nVidia for protecting its staff from him, nVidia is only being a responsible employer in protecting its staff.
Might just be me, but that reflects badly on the litigous society we live in, not on Linus.
The simple fact is, the head bod needs to be passionate and strong willed. Management by committee doesn't work, you need someone with the balls to call a turd a turd.
Kernel coders are a strange lot, and things get very heated very quickly sometimes. Its just the nature of coding at that level, you can't honestly tell me you've never got intensely frustrated when someone just won't get what's plainly obvious to you?
...he is presumably experienced enough to know the likely reaction and he has apparently let the matter rest almost immediately. It sounds a lot like Red Hat management assuming that Microsoft would prefer them to do it this way and therefore leaning on their kernel developers to at least try and persuade Linus. But no-one's heart was really in it. Even Linus seems to have bl**ped out his bad language.
"It is not as if there is no polite alternative. The rest of the world manages fine without acting like a total antisocial jerk at the drop of a hat."
You mean the passive aggressive, heavy on bullshit, buzzword laden shit you get from executives when they want to 'politely suggest' your 'function' be 're-engineered' to facilitate 'revised corporate earnings'? Do you honestly think that's shit isn't hugely obnoxious? If you want to tell someone to fuck off, tell them to fuck off. Obfuscating your communication results in far worse bullying than just telling someone the honest truth as you perceive it.
Do you guys run a script on every mail from Linus on the LKML to find ones with naughty words so that you can turn it into a cheap story or something? This is the third story in the last month or so that is basically "Linus used naughty words! OH NOES!".. Linus runs the show and doesn't mind telling people what he thinks. Get over it. If you're going to report on something Linus is doing at least report the complete context and don't base the whole story on Linus using certain words.
As for RedHat.. The need to start telling some of their devs to stop fucking shit up on purpose and taking over critical userland tools like udev and breaking them for everyone that doesn't want whatever shit Lennart Poettering has come up with that week.
While I do wish Linus would conduct himself with a level of maturity more befitting his age in these conversations he is absolutely right. Allowing MS signed code into the kernel would be so incredibly stupid that it's beyond belief. Me, I'd have been tempted to remind they guy that April 1 is still a little over a month off.
UEFI is a global standard and has members from all the major OS players in it.
So what's the big deal?
If i'm understanding this right ...
Linus doing his usual bitching freak out over a global standard ... and what's even funnier, this thread has become a Microsoft bashing sesh again ... WTF !!
Red Hat could get the code signed by verisign not Microsoft but it would cost them, and Microsoft are offering to do this for free (which I think is pretty good of them) so why wouldn't Red Hat want that?
Many have failed to understand that in a corporate world very little is open source, and corporate guarantees are more important than "openness and fluffy ideals". I challenge you Linux obsessed to find a corporation that runs on key software that isn't in some way either bought from a big corporation or written almost entirely internally.
companies need stability and assurances not ideals.
Linus is well known for sticking it to the man with this attitude but it's about time he stepped up and showed us all what a real OS is ... BY MAKING ONE!
When he's done with that I'll be interested in what he has to say, until then ... seriously ... back in your box child!
That said ...
He may be right at some level that i've missed, that being the case, he still needs to grow up and learn to present arguments professionally ... I can't respect a guy that can only solve his problems by ranting like this.
This basically has nothing to do with Microsoft so STFU all you M$ haters and get a real argument that isn't like 30 years old.
.. finally ...
Yeh I know how this comes across but it's not about if i like linux or windows is about cold hard facts ...
Why do people always feel the need to bitch about Microsoft even when they have no involvement over some anticompetitive practises from way back?
Its pointless and serves no purpose other than to prove how narrow minded you are.
Linus is well known for sticking it to the man with this attitude but it's about time he stepped up and showed us all what a real OS is ... BY MAKING ONE!
You mean like one that's on more devices than all other OSes combined? One so ubiquitous that it's in every reasonably modern home several times over? One that you'd have to give up modern life, or at least modern electronics, completely to get away from? Yeah, he's done that.
You're totally wrong and your arguments are lame.
If you would have the slightest idea about secure boot, you would know by now that Verisign has nothing to do with it. It is that UEFI secure boot is verifying binaries using only Microsoft public key (convenient isn't it?). You may very well pay Verisign to sign your shiny keys but UEFI is not going to use them ever. Why ? Why, ask Microsoft! So, to put this simpler for your brain, if it is not signed by Microsoft it will not boot.
Now go and rant about Windows versus Linux as much as you like.
'Many have failed to understand that in a corporate world very little is open source, and corporate guarantees are more important than "openness and fluffy ideals".'
Openness is not fluffy ideals. It's savings in money. What you call corporate guarantees is also known as vendor lockin, which is costs big money to companies. The IT business world is all about vendors trying to lock you in and smart customers fighting it.
'I challenge you Linux obsessed to find a corporation that runs on key software that isn't in some way either bought from a big corporation or written almost entirely internally.'
And why do some opt to develop their key software internally? To avoid vendor lockin, but it's expensive. The third alternative is to demand open standards from your vendors. You know, those "fluffy ideals" you write about. Secondly, it's not either big corporate or open source. Big corporations use, contirbute to, sell and promote open source. If you haven't seen or read about it you're totally of the picture.
Sadly so many commenters here think IT = Desktop and by extension Linux = Desktop. Everything from your Android phone to your wireless router and Sony TV are running on Linux. *That* is the context you should think about when considering the stupidity of tying down the Linux kernel with specifics of one platform like secure booting a PC.
This post has been deleted by its author
At the risk of irritating people, I have a hard time getting excited about dual booting machines. M$ has never played nice, and probably never will. In the meantime, a *IX can host multiple virtual machines, including the M$ "products". All's it takes is a little beef in the machine spec, and you can have cake, and eat it too. Running OpenSUSE, with Virtualbox, have 5 different VM's running at same time, no appreciable performance deterioration. All on a laptop with 32GB RAM.
I think you should read the instruction sheet by your Lead Propagandist again. The enemy of the day is that non-compliant Mr Thorvalds; an eccentric software engineer who can't be easily disciplined by calling up his CEO and the bank of his CEO. You are supposed to not attack that "Red Hat" thing and to lob all your $hit onto Mr Thorvalds.
Sincerely, Kevin MrMarsteller, Senior Propaganda Supervisor
Instead of Red Hat, OpenSuse and Ubuntu trying to accommodate Microsoft power grab individually, they should have all united their forces against those who crafted secure boot specs in UEFI 2.2
[Quote] Once the key is written, secure boot enters "User" mode, where only drivers and loaders signed with the platform key can be loaded by the firmware. Additional "Key Exchange Keys" (KEK) can be added to a database stored in memory to allow other certificates to be used, but they must still have a connection to the private portion of the Platform key. [/Quote]
For all those here who would try to make us believe Microsoft has nothing to do with it, please note that the the platform key is Microsoft's key, so any other key must be approved by them.
Pretty neat isn't it?
It is the customers choice to want to run Windows.
If the customer doesn't want windows, they don't have to deal with what MS wants.
People might want to call the customer names, might want to tell them to f* themselves or whatever, but it is the customer's choice.
So UEFI is more a customer requirement than an MS requirement.
MS implemented UEFI due to huge amounts of hacking and root kits directed against Windows. Something like UEFI was probably the only realistic solution.
Date Thu, 21 Feb 2013 18:11:57 +0000
From Matthew Garrett <>
Subject Re: [GIT PULL] Load keys from signed PE binaries
On Thu, Feb 21, 2013 at 10:03:20AM -0800, Linus Torvalds wrote:
> Seriously, if somebody wants to make a binary module for Fedora 18 or
> whatever, they should go to Red Hat and ask whether RH is willing to
> sign their key. And the whole "no, we only think it makes sense to
> trust MS keys" argument is so f*cking stupid that if somebody really
> brings that up, I can only throw my hands up and say "whatever".
MS have infrastructure to do identity verification and actually run some
kind of vaguely responsible CA, and I don't trust Red Hat to be able to
do that. [....] »
I disagree with Mr. Garrett. I expect Red Hat should be at least as competent as Microsoft when it comes to letting certificates expire. :)
FWIW, Weimer does a good job of summarising the whole issue here:
From Florian Weimer <>
Subject Re: [GIT PULL] Load keys from signed PE binaries
Date Mon, 25 Feb 2013 15:28:32 +0100
* Matthew Garrett:
> There's only one signing authority, and they only sign PE binaries.
There are at least two, with different policies, albeit run by the
same organization. Actually, we don't know how many authorities are
out there which have non-localized reach, so it's ... interesting to
attempt to construct any form of security based on that.
But what puzzles me most is why anyone would assume that the UEFI
application signing process somehow ensures that the embedded
certificate is non-malicious. We cannot even track it back to the
submitter because the third-pary market place UEFI authority only
issues pseudonymous proxy certificates. This utterly useless for any
purpose whatsoever, with the notable exception of avoding one
additional step when setting up a dual-boot machine (which will not
even work reliably until we switch to overwriting the Windows boot
loader, like in the pre-UEFI days).
Seriously, folks, can we go back one step and discuss what problem you
are trying to solve? Is it about allowing third-party kernel modules
in an environment which does not allow unsigned ring 0 code execution?
Except that the Victorix operating system of that Mr Meldrew is wildly successful and carried by hundreds of millions of people in their pockets while the Broken Windows operating system and its (on average 127 viruses) rot on a harddisk of some clunky desk or "portable" computer. "portable" of course means you need a Personal Slave to carry it over longer distances.
I hear Victorix is also used by quite a few other computers at some rather critical places.
I compile my own kernel, based on the kernel source released by Slackware.
Even if PV were to buy into RedHat's reasoning, and jump on the bandwagon & try to get into bed with MS (ain't gonna happen) ... My personal version of the kernel won't work alongside MS, because there is no way I'm paying MS to sign my own, personal kernel that I intentionally modified, with my eyes wide open, to suit my own needs.
THAT is what the issue is. FOSS is about the ability to use the hardware as the user sees fit, not how $BigCo sees fit. The whole concept is anti-FOSS.
"Look, we stopped viruses from infecting step 1." That's great, now they will only be able to run from step 2-1,000,000. //sarcasm
This can only end with EVERY file being signed with an official key, or it can't run/exist on any system.
Best to stop it now, before in means the end of open-source or private programmers.
P.S. Sony's installed version of Windows 8 x64 DOES NOT BOOT with UEFI turned off, and their Restore USB/DVD won't either. ASUS's version works in either state, on or off. Guess which one will get my money again in the future? (hint: it's not the Sony I returned)
At The Linux Foundation's Open Source Summit in Austin, Texas on Tuesday, Linus Torvalds said he expects support for Rust code in the Linux kernel to be merged soon, possibly with the next release, 5.20.
At least since last December, when a patch added support for Rust as a second language for kernel code, the Linux community has been anticipating this transition, in the hope it leads to greater stability and security.
In a conversation with Dirk Hohndel, chief open source officer at Cardano, Torvalds said the patches to integrate Rust have not yet been merged because there's far more caution among Linux kernel maintainers than there was 30 years ago.
Comment Recently, The Register's Liam Proven wrote tongue in cheek about the most annoying desktop Linux distros. He inspired me to do another take.
Proven pointed out that Distrowatch currently lists 270 – count 'em – Linux distros. Of course, no one can look at all of those. But, having covered the Linux desktop since the big interface debate was between Bash and zsh rather than GNOME vs KDE, and being the editor-in-chief of a now-departed publication called Linux Desktop, I think I've used more of them than anyone else who also has a life beyond the PC. In short, I love the Linux desktop.
Two of the more prolific cybercriminal groups, which in the past have deployed such high-profile ransomware families as Conti, Ryuk, REvil and Hive, have started adopting the BlackCat ransomware-as-as-service (RaaS) offering.
The use of the modern Rust programming language to stabilize and port the code, the variable nature of RaaS, and growing adoption by affiliate groups all increase the chances that organizations will run into BlackCat – and have difficulty detecting it – according to researchers with the Microsoft 365 Defender Threat Intelligence Team.
In an advisory this week, Microsoft researchers noted the myriad capabilities of BlackCat, but added the outcome is always the same: the ransomware is deployed, files are stolen and encrypted, and victims told to either pay the ransom or risk seeing their sensitive data leaked.
Review The Reg FOSS desk took the latest update to openSUSE's stable distro for a spin around the block and returned pleasantly impressed.
As we reported earlier this week, SUSE said it was preparing version 15 SP4 of its SUSE Linux Enterprise distribution at the company's annual conference, and a day later, openSUSE Leap version 15.4 followed.
Linus Torvalds has announced the first release candidate for version 5.19 of the Linux kernel, and declared it represents a milestone in multiplatform development for the project.
After first commenting that the development process for this version has been made difficult by many late pull requests, then applauding the fact that most were properly signed, Torvalds opined that Linux 5.19 "is going to be on the bigger side, but certainly not breaking any records, and nothing looks particularly odd or crazy."
Around 60 percent of the release is drivers, and there's another big load of code that gets AMD GPUs playing nicely with the kernel.
Updated Two security vendors – Orca Security and Tenable – have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure.
In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January.
And in a separate blog published on Monday, Tenable CEO Amit Yoran called out Redmond for its lack of response to – and transparency around – two other vulnerabilities that could be exploited by anyone using Azure Synapse.
Microsoft has added a certification to augment the tired eyes and haunted expressions of Exchange support engineers.
The "Microsoft 365 Certified: Exchange Online Support Engineer Specialty certification" was unveiled yesterday and requires you to pass the "MS-220: Troubleshooting Microsoft Exchange Online" exam.
Microsoft is extending the Defender brand with a version aimed at families and individuals.
"Defender" has been the company's name of choice for its anti-malware platform for years. Microsoft Defender for individuals, available for Microsoft 365 Personal and Family subscribers, is a cross-platform application, encompassing macOS, iOS, and Android devices and extending "the protection already built into Windows Security beyond your PC."
The system comprises a dashboard showing the status of linked devices as well as alerts and suggestions.
Microsoft isn't wasting time trying to put Activision Blizzard's problems in the rearview mirror, announcing a labor neutrality agreement with the game maker's recently-formed union.
Microsoft will be grappling with plenty of issues at Activision, including unfair labor lawsuits, sexual harassment allegations and toxic workplace claims. Activision subsidiary Raven Software, developers on the popular Call of Duty game series, recently voted to organize a union, which Activision entered into negotiations with only a few days ago.
Microsoft and the Communication Workers of America (CWA), which represents Raven Software employees, issued a joint statement saying that the agreement is a ground-breaking one that "will benefit Microsoft and its employees, and create opportunities for innovation in the gaming sector."
Updated Microsoft's latest set of Windows patches are causing problems for users.
Windows 10 and 11 are affected, with both experiencing similar issues (although the latter seems to be suffering a little more).
KB5014697, released on June 14 for Windows 11, addresses a number of issues, but the known issues list has also been growing. Some .NET Framework 3.5 apps might fail to open (if using Windows Communication Foundation or Windows Workflow component) and the Wi-Fi hotspot features appears broken.
Biting the hand that feeds IT © 1998–2022