Slashdot Mirror


End Of Development For Grsecurity Announced?

vrtk writes "I received this minutes ago, from the grsecurity mailing list, also displayed on the official site for the open-source security project: 'Beginning today, May 31, 2004, development of grsecurity will cease. On June 7, the website, forums, mailing list, and CVS will be shut down. Due to a sponsor unexpectedly dropping sponsorship of grsecurity while continually promising payment, I began the summer in debt and had to borrow money from family to pay for food. If none of the companies that depend on grsecurity, some of them being very large, are able to sponsor the project, grsecurity will cease to exist. I am not looking for paypal donations at this point, unless those that donate do so with the recognition that despite their donation, grsecurity may still never be returning.'"

11 of 306 comments (clear)

  1. the decision not to pay him was no doubt made by.. by Anonymous Coward · · Score: 5, Insightful

    the sort of bastards that make $2500/hour being driven to country clubs to shake hands and joke about 'damned hippies'.

    "What, we don't need to pay him?"

    "Heh, yeah. Damn fool fell for that Open Source crap. He gets what he deserves."

    "Well, Damn Dirty Hippies, etc. Oh, and pass the caviar."

  2. cease to exist? by lawngnome · · Score: 5, Insightful

    how can it cease to exist? isnt open source software forever? (well in some form or another) it may not be regularly updated (or updated at all by the looks of the article) but could still prove useful in the future...

    1. Re:cease to exist? by TWX · · Score: 4, Insightful

      If the main project site is gone and all of the continuing development notes are no longer available, it's much harder for it to continue. Remember, the code itself is just the end product of a process that involves designing, coding, testing, revising, re-testing, etc, etc, etc. While someone who has the GPLed source could continue to work on it, such a person wouldn't have the experience or results from this process that the original developer had.

      If the project is fairly mature, like the Linux Kernel, KDE, FVWM, or any other number of projects with lots of developers then it's easier to lose the top guy or gal and continue development. Linus' turning over the previous stable kernel trees to other big Linux guys like Alan Cox or any of the others is an example. One guy or even a very small number of people on a specific, niche utility or patch might not be able to achieve the same.

      The space and organization required to keep the project internet-accessible is also a problem, as this case directly shows. He can't afford the space and bandwidth. I feel his pain, it's hard enough just keeping a personal domain with a mild amount of traffic up for almost no money. Trying to run something with backend CGI for forums and CVS isn't free.

      I hope that people are able to reorganize this project, but if that doesn't work then it doesn't.

      --
      Do not look into laser with remaining eye.
  3. Re:So what? by Atzanteol · · Score: 5, Insightful

    Since the developers went and got all selfish about things like 'eating' and 'clothes'?

    --
    "Ignorance more frequently begets confidence than does knowledge"

    - Charles Darwin
  4. Sponsorship is a bad model. by k98sven · · Score: 4, Insightful

    Sorry to say this, but I feel that sponsorship is ultimately not a good way to run an OSS project.

    If you rely on sponsorships, you have to expect this kind of thing to happen. It does. All the time.

    If there are businesses which are using your software, then there should be a market for you in consulting. Consulting is a proven business model for OSS development. (Not that it is much more of a guarantee, but at least you have a contract.)

    Not to mention that many big businesses view consulting and sponsorship as two very, very different things. It has to do with bookmaking. Money paid as consulting makes it more evident that you are providing a service than money marked down as 'sponsorship'.

    Now, if your project is not commercially interesting, and you still want to get paid for doing it, perhaps you should be looking for a research position instead, if it's innovative enough.

    And if it's not innovative nor commercially interesting.. Well then it's a hobby, goddamnit! :-)

  5. that's not how it works by dekeji · · Score: 4, Insightful

    Sorry, but that's not how OSS development gets funded; you can't just put up some software on a web site and wait for donations.

    Grsecurity looks like something you might be able to fund as part of a security consulting business. Or, if dealing with people is not your thing, you might be able to make a living writing books about security and how to use grsecurity. Or you might be able to do it on the side while working for a large company.

    If grsecurity is as useful as you think, if there was a lively community around it, and if the code is usable, there is a good chance someone else will pick it up and actually build a successful business around it. If nobody continues development of grsecurity at this point, then it wasn't really a good, live open source project anyway--it was just some useful code released under the GPL.

    Please don't complain about it: while your desire to create open source software is admirable, it is still your problem if you fail because you picked a naive business model.

  6. Re:So what? by AstroDrabb · · Score: 5, Insightful
    You must have the brains of a rat and those who modded this "Insightful" must have equal brain power. Please tell me, what is "Insightful" in
    It sounds like what he wanted was employment. Being able to make a living off of a hobby is a lofty and unrealistic goal.
    Where is the "Insightful" knowledge that I should have gained from this comment? What it comes down to is this was _not_ a hobby for this guy. He worked full time and a few $BIG_COMPANIES promised him $XYZ in payment if he delivered $ABC. He delivered $ABC, and those $BIG_COMPANIES did not deliver $XYZ in payment. Most likely becuase his code was under the GPL and they could use it without his consent or their payments.
    --
    If Tyranny and Oppression come to this land,
    it will be in the guise of fighting a foreign enemy. -James Madison
  7. Since when... by mbottrell · · Score: 4, Insightful

    What amazes me is that it's automagically assumed that a code-cutter also has business sense to run a successful business.

    Remember at the end of the day he's a code-cutter... not a suit... if he was a suit.. he wouldn't be a code-cutter now would he! :[

    I must admit as a code-cutter I'm sick of many businesses idea of 'yeah... lets' get it under the GPL... we can use, abuse and not pay for it'.

    Bad Karma to this idea of thinking...
    These fat-cats still drive home to a nice warm bed, big meal and watch their TV.

    How about flipping some $$'s towards the smuck that did all your hard work and ensure he's still around next year when you have a real question abuot the software.

    At the end of the day... nothing is FREE... someone pays... unfortunately with a lot of GPL.. it's normally the developer and his family. :(

  8. Re:Smells like a lawsuit by ibbey · · Score: 4, Insightful

    It's almost blackmail. "Support me else I shut it down."

    That's hardly in the spirit of Free Software.


    Since when is the spirit of Free Software doing work that benefits others and expecting nothing in return? What any given author expects in return may vary, but expecting money isn't out of line. The author presumably has expenses related to the project and is well within his rights to state that he will not continue development if he can't find someone to offset those expenses.

    Remember, though, that since the project is GPL'd, there's nothing stopping you or anyone else from downloading the source & taking over the maintenance & development for him. That's the spirit of open source.

  9. Re:Smells like a lawsuit by sydb · · Score: 4, Insightful

    I don't think anyone "in free software" thinks development has no cost. I think they are keenly aware what the cost is - usually their time.

    It's only a few idiots who equate Free with free.

    However I think your charaterisation of open source development is either naive or trollish.

    --
    Yours Sincerely, Michael.
  10. Re:Brad Spender Developer of GRSecurity is a Hero by keesh · · Score: 4, Insightful

    No, Brad Spender is an arrogant fucktard who cared more about screwing over people who disagreed with him (for example, he tried to deliberately withold information on a RedHat security flaw until after Fedora Core 2 was released, just to bring them around to his way of thinking) than fixing things.