Torvalds Wants Attackers To Join Linux Before They Turn To the "Dark Side" (eweek.com)

← Back to Stories (view on slashdot.org)

Torvalds Wants Attackers To Join Linux Before They Turn To the "Dark Side" (eweek.com)

Posted by msmash on Monday September 11, 2017 @08:05AM from the dispatch dept.

darthcamaro writes: People attack Linux everyday and Linus Torvalds is impressed by many of them. Speaking at the Open Source Summit in LA, Torvalds said he wants to seek out those that would attack Linux and get them to help improve Linux, before they turn to the 'dark side.' "There are smart people doing bad things, I wish they were on our side and they could help us," Torvalds said. "Where I want us to go, is to get as many smart people as we can before they turn to the dark side. We would improve security that way and get those that are interested in security to come to us, before they attack us," he added.

11 of 112 comments (clear)

Min score:

Reason:

Sort:

Admirable goal, but... by thegreatbob · 2017-09-11 08:09 · Score: 4, Insightful

Unfortunately, it's far easier to destroy and harm than it is to create and improve... I doubt there are many among us who haven't derived some kind of pleasure from breaking something at some point in their lives.

This does not, however, mean we should not try. Also no reason to completely write off the dark-side folks, sometimes they see the light and come around.

--
There is no XUL, only WebExtensions...
1. Re:Admirable goal, but... by DontBeAMoran · 2017-09-11 08:23 · Score: 4, Funny
  
  Also no reason to completely write off the dark-side folks, sometimes they see the light and come around.
  And sometimes they just cut your hand off using a saber made of "light".
  
  --
  #DeleteFacebook
2. Re:Admirable goal, but... by Jason+Levine · 2017-09-11 08:24 · Score: 3
  
  There are also a lot of "Dark Side" folks who have no real talent of their own. They can run scripts written by talented people and can cause a lot of damage, but if given the chance to break into a system without their pre-written scripts, wouldn't get very far.
  
  --
  My sci-fi novel, Ghost Thief, is now available from Amazon.com.
3. Re:Admirable goal, but... by Anonymous Coward · 2017-09-11 10:11 · Score: 3, Insightful
  
  what purists should learn is that people get paid not for talent or programming skill but for solving problems. I own a business and it is great to have very talented people working for me but the people who get the highest pay (best reviews) are those who solve problems fast and move on. It is actually not useful to have someone re-invent the wheel just because they are talented or the wheel is close fit but not quite to what is required so start from scratch.
  If someone will adapt the requirements or the solution to match the requirements it is quicker and therefore more profitable.
  You get rewarded for what you achieve not how you achieve it. Even if an engineer when and found people in India to do his job and paid them part of his salary in my mind he should be promoted as he knows the how to produce outputs rather than worry about tinkering with how things work.
  My first test for any code is 1. Does it do the job. 2. robust 3 maintainable. If it cannot pass 1 it does not matter about 2 and 3.
4. Re:Admirable goal, but... by epyT-R · 2017-09-11 11:44 · Score: 3, Insightful
  
  ..and what business owners must learn is that the best people who solve their problems are creative problem solvers that cannot be managed and metric'd like factory workers. Good engineers treated this way migrate to competitors who understand this.
  'How' it's done is important too because it determines what's possible in the future. Half-assed 'right now' solutions often end up costing more money down the road. Shortsighted management like this has cost companies way more money than the occasionally overengineered solution (which was probably done in an attempt to avoid this 'firehouse' style management). A lot of this fits under #2 on your list, but also one and three as well.
The Linux community attacks itself the worst. by Anonymous Coward · 2017-09-11 08:26 · Score: 3, Insightful

The Linux community attacks itself far worse than vague "black-hat hackers", Microsoft, SCO, or any other external force ever could hope to do.
Just look at the immense community disruption that systemd has caused. It's clearly unwanted by a lot of the community, especially the serious users like the developers and administrators who are responsible for running Linux servers and other critical Linux installations. Forcing systemd into Debian tore apart the decades-old community of what was once the most stable, reliable and trusted Linux distro around.
Then there's GNOME 3, which has also caused a huge schism within the Linux community. It's pretty widely disliked, yet is forced on users as the default desktop environment by a number of the major Linux distros. While GNOME 2 eventually got to a point where it was mostly usable, we shouldn't forget that the GNOME project itself was initially founded for ideological reasons, rather than practical reasons, again splitting the community.
It doesn't help that Ubuntu had been dabbling with things like Upstart, Unity and Mir for a long while, again splintering the community.
When harm comes to the Linux community, it's pretty much never some external force that's responsible. It's the Linux community turning on itself in one way or another. It's one set of Linux users attacking some other set of Linux users. The Linux community is its own worst enemy.
1. Re:The Linux community attacks itself the worst. by Seven+Spirals · 2017-09-11 09:00 · Score: 3, Insightful
  
  Agreed. Someone forgot to tell Linus that hacks == cash. Few are going to help out him and Pottering out of goodness of their hearts and devalue their zero-day bug bounties. That's goes 2x now that systemd is a standard. With all the systemd security bugs and crashes, it makes me wonder how much undiscovered zero-day is in the wild already.
2. Re:The Linux community attacks itself the worst. by gmack · 2017-09-11 09:33 · Score: 3, Insightful
  
  The Linux community attacks itself far worse than vague "black-hat hackers", Microsoft, SCO, or any other external force ever could hope to do.
  I don't think I've ever seen so much FUD in one post
  
  Just look at the immense community disruption that systemd has caused. It's clearly unwanted by a lot of the community, especially the serious users like the developers and administrators who are responsible for running Linux servers and other critical Linux installations. Forcing systemd into Debian tore apart the decades-old community of what was once the most stable, reliable and trusted Linux distro around.
  There would not have been a problem if someone hadn't stared a misinformation campaign a full year after Debian had already had an internal debate, weighed the pros and cons and went with systemd. Yes, there were growing pains, but theve all been pretty much ironed out by now and most people who do this for a living don't actually care. The distros who switched, haven't seen any loss of users because of it and life moves on.
  
  Then there's GNOME 3, which has also caused a huge schism within the Linux community. It's pretty widely disliked, yet is forced on users as the default desktop environment by a number of the major Linux distros. While GNOME 2 eventually got to a point where it was mostly usable, we shouldn't forget that the GNOME project itself was initially founded for ideological reasons, rather than practical reasons, again splitting the community.
  Some people disagreed about how things should be done and spent their OWN time on their own project so what's the problem? Some people preferred KDE and some QT.
  
  It doesn't help that Ubuntu had been dabbling with things like Upstart, Unity and Mir for a long while, again splintering the community.
  When harm comes to the Linux community, it's pretty much never some external force that's responsible. It's the Linux community turning on itself in one way or another. It's one set of Linux users attacking some other set of Linux users. The Linux community is its own worst enemy.
  Most of that is fine.. Forks are actually a strength and not a weakness. People work on what they want work on and in some cases the forks learn from each other or just fade into obscurity and who are we to say what Shuttleworth is to spend his money on? Don't like it, don't use Ubuntu, it's simple.
3. Re:The Linux community attacks itself the worst. by Kjella · 2017-09-11 12:05 · Score: 3, Interesting
  
  There would not have been a problem if someone hadn't stared a misinformation campaign a full year after Debian had already had an internal debate, weighed the pros and cons and went with systemd. Yes, there were growing pains, but theve all been pretty much ironed out by now and most people who do this for a living don't actually care. The distros who switched, haven't seen any loss of users because of it and life moves on.
  Pretty sure that's not correct, I remember quite a few negative opinions before the decision was made that resemble the current criticism. In any case, if you're replacing a very old and familiar system that's not obviously broken with something new then you can be assured that most of the debate and the arguments will be made by the people who want change. Because you get like 20 years of "we want to replace X11" discussion they can't be arsed to follow and then finally, when the switch to Wayland is happening then you get the "OMG you're breaking X and I need it, stop that". A year later would perhaps be around when the first systemd-based distro version would be released, actually breaking things for users?
  
  --
  Live today, because you never know what tomorrow brings
4. Re:The Linux community attacks itself the worst. by gmack · 2017-09-11 15:47 · Score: 2
  
  I recall having an absolute panic attack a the thought of Systemd from reading posts here on Slashdot and then going and looking into it myself and discovering it wasn't as bad as it's detractors made it out to be. Also, I think Fedora got to deal with the worst of the teething problems so there was only minor breakage when Systemd hit debian testing. I myself had a 5 minute hang that I eventually tracked down to a configured mount for a drive that I had previously moved. Later versions were more explicit as to what was going on, reducing the confusion and by the time it hit debian stable, it was pretty much rock solid.
  Since a part of my day job actually involves tweaking init scripts, I can tell you that it actually made my life easier
  Really though, I don't get this thing where people need to call themselves graybeards to emphasise their point. When I started using Linux I had to write my modem dialup script by hand and hand build the modelines in the X config, custom compile my kernel etc. I also used to do a ton of hand compiling packages. Now things have changed and life has gotten easier and I find I don't miss having to do everything the hard way (although I still have about 1% of the systems I maintain running custom kernels and only a few hand compiled packages.
Democracy is messy. Relish software freedom. by jbn-o · 2017-09-11 10:47 · Score: 4, Informative

First off, you're using the word "Linux" as though that were an operating system. Linux is not now and never was an OS, it was and remains an OS kernel. You can't run the software you use as examples if all you have is the Linux kernel. Secondly, democracy is messy. People start projects which other people don't like. But we're all free to start our own projects and include the free software we like. Nobody "forc[ed] systemd into Debian". Debian GNU/Linux decided to include systemd, and for a community that is still going strong you'd never know that Debian had been "tor[n] apart" as you claim.
Contrary to your way of putting it, the initial work behind GNOME was quite practical and, coming from the GNU Project, started in making free software more practical. GNOME was started because the K Desktop Environment (KDE) had nonfree dependencies, notably Qt which used a nonfree license until around mid-1999. Thus KDE was unsuitable for the GNU Project which aims to provide an OS which respects a user's software freedom (to run, share, modify, and distribute). A second project aiming to do roughly the same job as Qt was also started by the GNU Project (a Qt API-compatible project called "Harmony"). Qt ended up being relicensed as free software and GNOME ended up being useful. So we have both KDE and GNOME today. Thus a pragmatic pursuit of software freedom, which you apparently eschew, was quite effective at delivering a modern GUI look-and-feel for users who want that (which, I'm guessing, would be most computer users).
"Splintering the community" is a natural outcome of software freedom just as people use their freedom of speech to express different and sometimes conflicting views. People try to work together to meet their needs but sometimes that just isn't possible. This kind of thing happens in science all the time; people with different ideas on how something works set out to investigate their hypotheses in parallel and sometimes we end up with multiple divergent theories and, over time, some convergence. When it comes to software development we should celebrate, not minimize or disdain the software freedom to express ourselves in such a way.

--
Digital Citizen