Slashdot Mirror


The Case For Full Disclosure In The Linux Changelog

titurel writes: "This article on SecurityFocus takes up some interesting thoughts about how Alan Cox's choice not to unveil securitychanges in the kernel changelog could affect other developers." And Jon Lasser is no security dummy -- Along with Jay Beale, he's one of the guys behind Bastille Linux, and the author of the excellent Think Unix.

1 of 234 comments (clear)

  1. Alan's taking the easy way out by SMN · · Score: 3, Flamebait
    This is liable to be score (-1, Unpopular Opinion), but it needs to be said:

    If Alan Cox really wants to make a point, he should put his money where his mouth is and LET himself be open to a suit under the DMCA. His current approach, hiding the changelogs, does nothing to stop the DMCA, and by submitting to it he's giving its backers exactly what they want.

    Laws don't get changed if nobody has the guts to challenge them. If Alan wants to get his point across, he should let himself be sued (not that it would actually happen, because I doubt any company really gives a damn what he puts in his changelog). Then he, like Felten and Sklyarov, has a great case to challenge the law with.

    Instead, this "spectacle" seems to be Alan submitting to the DMCA, then trying to attract as much attention as possible to his crying about it. I have no pity for this, and I hope the rest of his audience feels the same.

    --
    -- Imagine how much more advanced our technology would be if we had eight fingers per hand.