It's entirely clear why the change was done, it's not getting reverted, and using multiple random anonymous accounts to try to "grass root" it by Russian troll factories isn't going to change anything.
And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.
If you haven't heard of Russian sanctions yet, you should try to read the news some day. And by "news", I don't mean Russian state-sponsored spam.
As to sending me a revert patch - please use whatever mush you call brains. I'm Finnish. Did you think I'd be supporting Russian aggression? Apparently it's not just lack of real news, it's lack of history knowledge too."
fuck yes. fuck russia. fuck russians.
I’m Finnish. Did you think I’d be supporting Russian aggression? Apparently it’s not just lack of real news, it’s lack of history knowledge too."
Man, it's like you spend centuries brutalizing all your neighbors, if not outright conquering them and enforcing holocausts, and this is the thanks you get!
Putin:
Russian culture is so underappreciated 🥺
No, it is appreciated. Just not in the way you want it to be.
fuck russians? fuck the Russian government and the people who support it, not all the russians.
"fuck the overwhelming majority of russians" doesn't have the same ring to it.
No. Not fuck Russians as a blanket policy. The Russian government is full of corrupt and evil bastards, but it's certain that most Russians are the same as most other citizens; They just want to go about their business.
I'm in favor of blocking the Russian accounts, they're probably mostly state actors. The ones that aren't actively sabotaging the codebase are unfortunate causalities, but it's better than the alternative.
I’m really sad about this. There is a lot of computer science talent in Russia, and I’m very very upset that It Has Come To This.
But it very clearly has.
If it makes you feel any better, experience (and a bit of intuition) tells me that this isn't permanent. Though, it is probably only going to end after their government stops fucking up (or collapses... again...). It might be a while :/
I think it wouldn't be bad to have the Russian devs back once the war is over, bar any other circumstances.
Most russians support the genocide. Fuck russians.
I have no problem with Russians, but I do have a problem with the Russian government, and that makes me suspect Russians due to the chance of the Russian government using its leverage to get them to do what they want. So I understand the move, but I'm saddened that FOSS gets sucked into international politics.
FOSS is inherently political, though, and an international collaboration like Linux is inherently internationally political. Allowing big corporations to influence the direction of the codebase? That's political. Allowing the free usage and distribution of the software to anybody for any purpose not otherwise afforded by existing copyright law? That's political. Collaborating with contributors from almost every country on Earth? That's political. Being headquartered in the United States? Again political. Creating a hierarchy with Linus Torvalds at the top? The definition of politics.
It feels like people only start screaming "that's politics though!" whenever it becomes political in a way that's controversial to them – without recognizing how completely pervasive politics are in every single aspect of our lives. The fact we're even talking on Lemmy right now is political – in all likelihood, we both decided that Reddit's system of governance was unfair and thought a federated system was somehow more ideal, in this case a platform created by outspoken authcoms. That's even disregarding the Internet which Lemmy sits on top of, including net neutrality, freedom of speech, the infrastructure connecting different jurisdictions, the way it came about through organizations like DARPA, CERN, the IEEE, and ICANN, etc.
Good! So why the incendiary comments Linus made on Russians. It is so hard to say something like this:
"I have to expel them from the project due to a US law forced us to do it. However, I had trust on them all these years and they contributed a lot to the project (that is why they were working here). Now, I am against the law because we should not discriminate people for the origin. Moreover, the claim that they can harm the software is unwarranted because it is OPEN and many eyes are on it. Finally, this harms the entire Linux project because now makes it an "American"project rather than an global one. Sad times."
Have you noticed exactly how many Russians are bigots who support the mass murder of their neighbors?
I mean there's probably a lot who don't, but they're busy firing missiles at civilians in Ukraine to get around their 15y work camp sentence.
I think given the current political situation this is the right call. No one knows what the Russian government might compel otherwise innocent devs to do.
That said, we (and I mean society, not any particular individual) should be mindful that we don’t slip into bigotry.
I’ve worked side by side with RU devs who were both personable and damned competent. Never were their tech skills in doubt, and I retain quite a bit of respect for those individuals.
I’d not do the same today explicitly because of the political and compliance implications. It’s unfortunate, but necessary.
i wish there was more we could do to help russians topple their dictatorship
Linux Fundarion is based in America. It needs to follow its rules and politics. I guess a lot of things will happen after this. As something so important for open technology like It , should be based in a more open, mor asvanced in laws and neutral territory.
Linus is from Finland. Not hard to remember reasons for aversion to Russian propaganda for anyone raised near it.
Blanketing the Linux Foundation as American based kind of sounds like you're a Russian troll.
It's entirely clear why the change was done, it's not getting reverted, and using multiple random anonymous accounts to try to "grass root" it by Russian troll factories isn't going to change anything.
And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.
If you haven't heard of Russian sanctions yet, you should try to read the news some day. And by "news", I don't mean Russian state-sponsored spam.
As to sending me a revert patch - please use whatever mush you call brains. I'm Finnish. Did you think I'd be supporting Russian aggression? Apparently it's not just lack of real news, it's lack of history knowledge too.
Linus really pouring on that "white death" energy.
Save your sanity and do Settings -> Blocks -> Block instance -> lemmy.ml
Also perhaps block me if you strongly disagree with the above.
That instance's mods blocked me this morning lol.
The amount of people simping for Russia in that other thread is insane. Apparently calling Ukraine a country of Nazis is fine, but saying Russia is a dictatorship is not lmao.
If you see a tankie or pro Russia comment, 99% of the time it's a lemmy.ml poster
😄exactly! Phu, the brain gymnastics that those people are capable of is mind bending 🤣
Yeah, but most instances already defederated from them.
Can we see where someone is hosting a Lemmy (domain, insnace, thing?)
I guess, you got to check IP and see what country it belongs to, but if they use a VPS or VPN or both, you can’t really know where the person who manages the instance lives / operates.
Sometimes it is posted on the instance front page or about page.
France. Maybe. It's mostly guesswork, but gives the same location for hexbear.net.
It's mostly cosplay commies rather than actual Russians.
Yea I figured it's just a bunch of middle class kids who have the privilege of being online and complain. Also fuck Hexbear....all my homies hate Hexbear.
yep I got banned from there for simply stating that ukraine has a right to defend themselves after Modi called for "peace". Apparently absolute pacifism is only required from one side.
Yeah, when I created my Lemmy account I had to choose an instance before knowing anything about Lemmy yet. And .ml seemed like the default one to choose, given https://join-lemmy.org/ told me it is ran by the devs.
Oh well.
Similar story here tbh.
I see you, hang in there buddy!
Doesn't help if the admins think you're not. Which is why I had to relocate a community because of admin content meddling and instance users shitstorming in a waterglass.
I love it here as well 😁
Ee is cool, but your upload limits were crap.
Fair, but most of the time, photos that I post won’t get any better with more pixels anyway 😂
I throw a lot of low effort memes, so I need all the help I can get.
Seriously, the hexbears just moved one over to keep getting exposure.
Yesterday I accidentally commented in .ml and mentioned that voting third party in our current voting system is playing with fire to get a worse candidate in office. I was told I must therefore start a grassroots movement for ranked choice voting, because apparently I can't have an opinion without a movement.
Normally I let a few downvotes get under my skin more than I care to admit, but in this setting it was kind of a badge of honor. Honestly it was kind of "fun" to see what people were saying.
Save your sanity and do Settings -> Blocks -> Block instance -> lemmy.ml
I approve this comment.
improved my lemmy experience ten fold just blocking that instance.
I would encourage that, but if your instance doesn't defederate them you may have to go a bit farther since you'll still get replies from lemmy.ml users, as users are not blocked as part of this functionality. And that is by design, it's not meant to act as a replacement or alternative to defederation, it's meant to act as an alternative to blocking all communities on an instance.
Anyone wanting to put vulnerabilities into Linux is probably capable of not looking like they are in Russia...
It's a statement: Russia as the only country on the world is not allowed to participate to the biggest human collaboration in existence which runs 90% of all computers due to bad state actions.
They should fucking speak up to Putin not Torvalds.
edit: Remember Russian propaganda's goal is to sabotage free discussion and conversation. They achieve this by e.g. shitting in a comment section. That might explain what's going on here. But then again, could just be the gang that hangs in c/Technology doing their thing ¯_(ツ)_/¯
Lots of pro-Russia bots in here pretending to be concerned about their sudden inability to sneak backdoors into the kernelopen source.
It's really awesome to expel by nationality, even including people who've long moved out and immigrated years ago and don't support the invasion and war waged on Ukraine /s
Honestly fuck Russia ofc, but this goes a bit too far into the grey area between hawkish-reasonable and discriminatory, and on the latter side I'm not sure who and/or what this is meant to help, nor does it seem particularly fair to those individual contributors to keep their code yet remove attribution and mailing list entries.
EDIT: holy shit the bloodlust in the comments here is actually unreal, even on arr slash neoliberal and the politics communities here on lemmy the comments are way more sane.
Why are people so fundamentally incapable of nuanced judgement. According to people in this comment section, a human is entirely defined by their country of origin. What is this witch hunt level, toddler IQ thinking. Are people really so desperate to have a "bad guy" that they can blame everything on? This dehumanization of people is wild to me.
a human is entirely defined by their country of origin
This reeks of Americanism, yanks are absurdly obsessed with race and nationality
The irony of your comment is not lost on me.
But yeah if you were to measure a country by its loudest voices then that would be accurate.
a human is entirely defined by their country of origin
That's missing a big part of the justification here. When you're from a given country, that country frequently has a lot of influence over you. You probably have family and other ties in your home country, and those can be used as leverage to get you to do what the state wants. And when your country is in active opposition to a large portion of the free world, it makes a lot of sense for people to be extra cautious in who they deal with, because it's never clear if that person is being manipulated by their former state.
So excluding someone based on nationality can absolutely make sense as an easy rule of thumb to avoid most of the problems stemming from that state.
Would you agree it's a good thing to avoid US software as they've incorporated secret surveillance into law through letters of national security to private companies?
And by extension, perhaps even shunning US citizens?
As a US citizen, I care less about where the software comes from, but who hosts that software, so I tend to use FOSS products and services, preferring to self-host where it's not too annoying.
I don't think anyone should shun citizens from any country, but we should be wary of trusting citizens from countries where the government has a larger influence. So we should be hesitant to trust people from Russia, China, North Korea, and Iran (and a bunch of others, I'm just listing the official enemies of the US), especially if they still live in those countries. That doesn't mean we should shun people from those countries (I have an awesome coworker from Iran), just that we should hesitate to put them into influential positions. I have no problem collaborating with people from any of those countries, I just think we should be a little extra careful when there's a stronger incentive for their government to get involved (and manipulating Linux is attractive for pretty much every government, esp. my own).
Because as long as the Russian state exists and can point to their "history" as an empire and use it as an excuse to take over their neighboring countries (like Latvia, the place where I'm from), I won't be satisfied.
Unfortunately nobody is bombing Moscow yet, so anything that isolates and makes the population more angry and can hopefully topple the government is a good thing in my book
Have you even read the policy? "The people removed from maintainer positions were identified as employed by companies on the US and EU sanctions list. These companies are directly involved in the Russian military complex and therefore are directly complicit in war crimes being committed daily in Ukraine". Racist? My ass.
The central project of open-source community closes doors to people based on nationality, and everyone is cheering...
Why? You seriously miss the implications of breaking the very basic principles of open source? You are ready to forgive literally anything if it is claimed to target Russia or Russians in any way?
For those of you who say about backdoors:
US is known to create the most complicated spy networks with myriads of backdoors. Where are the bans of the US maintainers?
Israel is a literal powerhouse of state-sanctioned spying software - Pegasus, as well as many less renowned programs, was created here. Any bans, anyone?
China is known for invasive software. Maybe ban them all too?
The only reasonable way to avoid backdoors is to meticulously check the submitted code. Threat actors can be anywhere - and Russia is not some unique threat location, nor was it banned with that justification - just "compliance requirements".
This is politics permeating the sacred place we all had. This is a giant threat to the community, and the way Linus framed it in his message is even more terrifying. This was never meant to happen.
The only reasonable way to avoid backdoors is to meticulously check the submitted code.
Which is the job of maintainers. Which now aren't Russian, any more. To the best of my knowledge the kernel is still accepting code from Russian citizens, ultimately not having Russians in maintainer roles isn't going to stop the FSB from infiltrating the kernel but it certainly does make it harder.
This also isn't in any way a judgement on the removed people, it's just that it so happens that if you're a Russian citizen you're quite vulnerable to wrench attacks. You could even say that the kernel org is protecting them from being used like that.
I’m actually shocked by how people are acting about this.
You see, it’s actually a really bad thing to ban devs from an open source project based on nationality over all else. “Oh, but they are state actors!!!” How do you know? Because they are Russian?
OK, this is bs.
They're not banning devs, they're banning maintainers.
Russians can submit as many patches as they like for review, they just can't sign off on their commits themselves.
Seems pretty fair to me.
It seems they're not being removed because they're Russian, but instead because they work for specific companies who are subject to US sanctions:
breaking the very basic principles of open source?
No, the basic principles of open source are either the four freedoms (if you agree w/ Stallman) or the OSI open source definition. Here are Stallman's four freedoms:
The freedom to run the program as you wish, for any purpose (freedom 0).
The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
The freedom to redistribute copies so you can help others (freedom 2).
The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
Russians still have these freedoms WRT the Linux kernel. They can still run, study, and redistribute modified versions of the Linux kernel. There's no violation here.
No part of the definitions of open source or free software obligate a maintainer to work with anyone else, the only obligations are to the legal freedom of the code. Russians can still use, modify, and redistribute the software, they just aren't allowed to have maintainer positions within the Linux foundation. They can still submit code, and it's up to the maintainers if they choose to look at that code.
That said, I'm sad that it has come to this. I hate the idea of international politics interfering w/ FOSS, but I still maintain that it's 100% fine for Linus Torvalds (and his legal counsel) to make this call. So I agree with the core of your argument, that politics interfering w/ FOSS is bad, but I disagree that it violates any part of the basic concept of FOSS, FOSS maintainers should always be able to decide who they work with, and the rest of the community gets to decide if they're okay with that or if they'd rather follow someone else's fork.
Torvalds responses make clear he has spent too much time with the wrong people. Calling everyone paid actors is such an embarrassment to his own intelligence. When the linux kernel starts falling behind because of a lack of competent maintainers after banning any country that NATO isnt friends with, we will know that this is where it started and that people cheered.
Russians can still contribute code, don't bundle those together just to have something to list. You are correct about pegasus, but this is about kernel and rights to commit without review.
Open source IP laws operate under the jurisdiction of the citizen's country. What kind of principles do you think open source represents? Because if it's about free movement of information and global collaboration, I'm pretty sure that pirates are the group that better represents those values
How is this keeping to open source philosophies in any way?
“No, you can’t work on this, you’re Russian.”
I don’t support the Russian Government or its actions in any way, but these devs are probably not part of it. They maintain drivers for fucking ASUS hardware.
Because there are both US and EU laws preventing code from countries deemed a threat. Torvalds is paid by the Ameircan Linux Foundation, which has to work under US law and he himself is an EU citizen. Also a lot of other developers are from those countries and if they do not comply, they could get into some pretty bad legal trouble.
So it pretty much boils down to kick out the Russians or kick out all US and EU citizens and well we see Linus choice.
risc-v saw this coming a while ago and moved to Switzerland to avoid it.
Switzerland is being routinely strong-armed these days.
It's not that hard of a choice either ofc, given one is essentially required.
Do you also know Finland is next to russia and it does not have to be US influence for someone like Linus to know Russian gov can pressure developers? This change removes code commit not the contribution rights.
This has nothing to do with open source. If Russians want to work on the Linux kernel, they're absolutely free to do so, because the source code is free and open source. What they are being restricted from is getting their changes submitted to the normal Linux foundation trees. FOSS doesn't mean you're entitled to have the maintainer of a project look at your patches, it means you can use the software however you want.
And yeah, it makes me sad that Russian kernel maintainers are being excluded. That doesn't mean it's a violation of open source philosophies (a maintainer can exclude anyone they want for any reason), it just means it's an unfortunate policy due to international sanctions.
Russians aren't restricted from getting their changes submitted, they just can't be maintainers. This means that they need another maintainer to approve their changes, just like if you or me were to submit a change. A lot of people seem to be misunderstanding what actually happened.
I actually just emailed RMS about this and I'm genuinely curious what he says. If anyone else is interested, I'll ask if he's fine with me sharing some of the response.
My opinion on this whole topic: I don't like the decision, a Free Software project should only prevent people from contributing in very rare occasions (e.g. having actively tried to sabotage the project). I don't think this was the case, because I presume that the Linux Foundation was forced by the U.S. government to kick the maintainers out. The should've also communicated more clearly to prevent the confusion. (Russian trolls will cry out no matter how they phrased that.)
Edit: Depending on their power as a maintainer, they might be hired by intelligence and forced to just wave a backdoor through. With the Russian government waging a hybrid war against the U.S. and Europe, this poses a real problem.
Another Edit: @Allero@lemmy.today mentioned that apart from Russia, the U.S., Israel and China also have a very well funded intelligence service. So banning Russian maintainers because of a potential backdoor when there are American maintainers (which could be agents) as well? I don't think it makes sense, but unfortunately the Linux Foundation won't be able to resist the "complience requirements".
No changes until China decides to invade Taiwan and the sanctions that Russia currently has begin.
Yeah, China are being "generic assholes" right now, but not crossing the lines into "serious villain shit" yet, at least for people who aren't in China.
But if they touch Taiwan, oh hell yeah.
I mean there are chinese spies in europe, which suppress, bully and sometimes even kill chinese journalists who have fleed (?) to europe. And thats not even a conspiracy theory, there were investigative journalists who have uncovered this in several countries.
So I'd say that china is reeealy close to that villain line
russian economy after over 1k days of war is evaporized and putin now is Xis little dog. so if we all work together now nobody will remember a country called russia in 100 years. nations are just a phantasy and it wont hurt to let go of some.
The Russian economy after over 1k days of war is evaporizedhas evaporated and now Putin is Xi's little dog. so If we all work together, nobody will remember a country called Russia in 100 years. Nations are just a phantasyfantasy, and it won't hurt to let go of some.
I think it's scary that the Russian Federation will probably "Balkanize" if Ukraine won't capitulate, and with how many nuclear weapons it has, that's terrifying to consider.
Then again, they probably don't work very well given what we've seen about the performance of the so-called "2nd/3rd most powerful army on Earth". But even a few potentially in the hands of an even more unhinged maniac than Putin is unsettling, to say the least.
You know. I don't like what the Russian leadership and military are doing. I feel like ultimately we're in the cold war era. But you know, at the height of the cold war, radio operators around the world still worked Russian stations.
Yes, there was a very clear policy, neither side talked about ANYTHING beyond their signal report and working conditions (information about radio, power output and aerial basically). At the height of the actual cold war, the individuals were not cancelled like this.
Sanction the leadership, sanction the money, and sanction the military. But the normal people that are subject to the propaganda? I don't understand the benefit in doing this. I also don't see how the sanctions effect an open source project..
Seems a bit weird. Maybe there's information we're not privy to, but on the face of it, just based on what we're seeing. Seems like a very very odd move.
don’t understand the benefit in doing this.
FSB wants backdoor in kernel. FSB notices subsystem maintainer is Russian, lives in Chelyabinsk. Can close eyes to backdoor, can pretend to review. FSB in Moscow make call to FSB in Chelyabinsk telling to buy heavy wrench at hardware store.
Same could be said for any intelligence service . it is better to focus on preventing and detecting these things through analysis and code reviews.
And they could just offer boatloads of cash to someone in another country to insert something so this doesn't really prevent anything it only isolates a certain subset of people.
So if we can't completely 100% deal with a problem, we shouldn't even try? I mean, you're correct, but we can't solve all problems at once. If we deal with at least one, then we've made progress. Then we can try to deal with the next one.
No but this doesn't do anything to "deal" with the problem as anyone can built up trust like Jian tan showed. The argument that this makes us more secure is like saying closed source is more secure cause the hackers dont have access to the source.
We have evidence of the US messing with nist standards so by that same logic should we assume all us actors are bad ?
The solution is to verify the code maybe have multiple people from different locations have to review stuff. Build more checks into the process.
The whole point of it being open is that it can be reviewed. It shouldn't matter where the contributor is from as all code should be subjected to a rigorous review process.
We have evidence of the US messing with nist standards
What... You realize that NIST is literally a government agency? It's part of the United States Department of Commerce. It's literally the US government. Are you saying that the government is messing with itself? What does that even mean?
And I'll say the same here as I did above. If it was for security, their code is tainted too. It's an arbitrary reaction that is not complete as a solution to anything.
They can check existing code. You have to be able to trust people who are contributing.
They can check new code by these risky people as it comes in, but it why risk it?
You can't untaint code if the tainters (lol that sounds funny) can still edit the code.
If Torvalds is correct (he is), patching can now take place for vulnerabilities.
I am on your side and don't understand the fury of down votes in this section regarding this stance. I am from a shit hole of a country too and if my life long contribution to open science (hypothetically speaking) could be so completely disregarded because of something ultra shitty that my country did, I would be super sad and probably mad at the OS community for leaving me behind so quickly.
I also don't understand the benefit of doing this. Most people seem to claim it's for security reasons but that does not make sense to me. Closing doors to someone without any proof of malintent is so against open source philosophy that it is perhaps more damaging in its core. And being the kind of government Russia is (or for that matter Israel, China, USA etc etc) they will always try to gain cyber war advantage by such methods. This approach is therefore clearly unsustainable. You would only be able to give dev access to a handful of countries in the world.
It sure as hell won't scratch a dent in the Russian government's armor when all these sanctions did not. It is not going to achieve 1/1000th of what all those ambargoes, frozen accounts etc aimed and failed to achieve.
Therefore there is either missing information (external pressure to take this action) or this is simply an action based on personal judgement.
"Ok, lots of Russian trolls out and about.
It's entirely clear why the change was done, it's not getting reverted, and using multiple random anonymous accounts to try to "grass root" it by Russian troll factories isn't going to change anything.
And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.
If you haven't heard of Russian sanctions yet, you should try to read the news some day. And by "news", I don't mean Russian state-sponsored spam.
As to sending me a revert patch - please use whatever mush you call brains. I'm Finnish. Did you think I'd be supporting Russian aggression? Apparently it's not just lack of real news, it's lack of history knowledge too."
fuck yes. fuck russia. fuck russians.
Man, it's like you spend centuries brutalizing all your neighbors, if not outright conquering them and enforcing holocausts, and this is the thanks you get!
Putin:
No, it is appreciated. Just not in the way you want it to be.
fuck russians? fuck the Russian government and the people who support it, not all the russians.
"fuck the overwhelming majority of russians" doesn't have the same ring to it.
No. Not fuck Russians as a blanket policy. The Russian government is full of corrupt and evil bastards, but it's certain that most Russians are the same as most other citizens; They just want to go about their business.
I'm in favor of blocking the Russian accounts, they're probably mostly state actors. The ones that aren't actively sabotaging the codebase are unfortunate causalities, but it's better than the alternative.
I’m really sad about this. There is a lot of computer science talent in Russia, and I’m very very upset that It Has Come To This.
But it very clearly has.
If it makes you feel any better, experience (and a bit of intuition) tells me that this isn't permanent. Though, it is probably only going to end after their government stops fucking up (or collapses... again...). It might be a while :/
I think it wouldn't be bad to have the Russian devs back once the war is over, bar any other circumstances.
Most russians support the genocide. Fuck russians.
I have no problem with Russians, but I do have a problem with the Russian government, and that makes me suspect Russians due to the chance of the Russian government using its leverage to get them to do what they want. So I understand the move, but I'm saddened that FOSS gets sucked into international politics.
FOSS is inherently political, though, and an international collaboration like Linux is inherently internationally political. Allowing big corporations to influence the direction of the codebase? That's political. Allowing the free usage and distribution of the software to anybody for any purpose not otherwise afforded by existing copyright law? That's political. Collaborating with contributors from almost every country on Earth? That's political. Being headquartered in the United States? Again political. Creating a hierarchy with Linus Torvalds at the top? The definition of politics.
It feels like people only start screaming "that's politics though!" whenever it becomes political in a way that's controversial to them – without recognizing how completely pervasive politics are in every single aspect of our lives. The fact we're even talking on Lemmy right now is political – in all likelihood, we both decided that Reddit's system of governance was unfair and thought a federated system was somehow more ideal, in this case a platform created by outspoken authcoms. That's even disregarding the Internet which Lemmy sits on top of, including net neutrality, freedom of speech, the infrastructure connecting different jurisdictions, the way it came about through organizations like DARPA, CERN, the IEEE, and ICANN, etc.
He didn't expel all Russians, just the ones working for sanctioned Russian companies.
https://social.kernel.org/notice/AnIv3IogdUsebImO6i
Important context and a good decision
That would've been great for them to clarify earlier XD
That would've generated fewer clicks. Sensationalism is always more profitable.
Well, this is The Register. Not exactly a paragon of stellar reporting here.
RIGHT?? I was so disappointed until I learned that bit of context. Even the original article I read about it didn't mention it
Good! So why the incendiary comments Linus made on Russians. It is so hard to say something like this: "I have to expel them from the project due to a US law forced us to do it. However, I had trust on them all these years and they contributed a lot to the project (that is why they were working here). Now, I am against the law because we should not discriminate people for the origin. Moreover, the claim that they can harm the software is unwarranted because it is OPEN and many eyes are on it. Finally, this harms the entire Linux project because now makes it an "American"project rather than an global one. Sad times."
Have you noticed exactly how many Russians are bigots who support the mass murder of their neighbors?
I mean there's probably a lot who don't, but they're busy firing missiles at civilians in Ukraine to get around their 15y work camp sentence.
xz attack was an open source attack and it would be silly to assume that it was unique.
I think given the current political situation this is the right call. No one knows what the Russian government might compel otherwise innocent devs to do.
That said, we (and I mean society, not any particular individual) should be mindful that we don’t slip into bigotry.
I’ve worked side by side with RU devs who were both personable and damned competent. Never were their tech skills in doubt, and I retain quite a bit of respect for those individuals.
I’d not do the same today explicitly because of the political and compliance implications. It’s unfortunate, but necessary.
i wish there was more we could do to help russians topple their dictatorship
Linux Fundarion is based in America. It needs to follow its rules and politics. I guess a lot of things will happen after this. As something so important for open technology like It , should be based in a more open, mor asvanced in laws and neutral territory.
Linus is from Finland. Not hard to remember reasons for aversion to Russian propaganda for anyone raised near it.
Blanketing the Linux Foundation as American based kind of sounds like you're a Russian troll.
Isn’t most of Linux open source?
All of it is. But its still possible to sneak backdoors into Foss software (though magnitudes harder). See xz.
Linus is from Finland. Finns barely tolerate Russians under usual circumstances. These are not usual circumstances.
True he could have banned them long ago, it's his project in the end, but he didn't, he only did it after the sanctions
Absolutely based as fuck as usual.
To directly quote Linus:
As to sending me a revert patch - please use whatever mush you call brains. I'm Finnish. Did you think I'd be supporting Russian aggression? Apparently it's not just lack of real news, it's lack of history knowledge too.
Linus really pouring on that "white death" energy.
Save your sanity and do Settings -> Blocks -> Block instance -> lemmy.ml
Also perhaps block me if you strongly disagree with the above.
That instance's mods blocked me this morning lol.
The amount of people simping for Russia in that other thread is insane. Apparently calling Ukraine a country of Nazis is fine, but saying Russia is a dictatorship is not lmao.
If you see a tankie or pro Russia comment, 99% of the time it's a lemmy.ml poster
Hexgears and of course lemmygrad.ml are of the same kind
😄exactly! Phu, the brain gymnastics that those people are capable of is mind bending 🤣
Yeah, but most instances already defederated from them.
Can we see where someone is hosting a Lemmy (domain, insnace, thing?)
I guess, you got to check IP and see what country it belongs to, but if they use a VPS or VPN or both, you can’t really know where the person who manages the instance lives / operates.
Sometimes it is posted on the instance front page or about page.
Well I doubt it's Mali.
https://check-host.net/ip-info?host=lemmy.ml
France. Maybe. It's mostly guesswork, but gives the same location for hexbear.net.
It's mostly cosplay commies rather than actual Russians.
Yea I figured it's just a bunch of middle class kids who have the privilege of being online and complain. Also fuck Hexbear....all my homies hate Hexbear.
yep I got banned from there for simply stating that ukraine has a right to defend themselves after Modi called for "peace". Apparently absolute pacifism is only required from one side.
Some of us are actually normal
Yeah, when I created my Lemmy account I had to choose an instance before knowing anything about Lemmy yet. And .ml seemed like the default one to choose, given https://join-lemmy.org/ told me it is ran by the devs.
Oh well.
Similar story here tbh.
I see you, hang in there buddy!
Doesn't help if the admins think you're not. Which is why I had to relocate a community because of admin content meddling and instance users shitstorming in a waterglass.
I love it here as well 😁
Ee is cool, but your upload limits were crap.
Fair, but most of the time, photos that I post won’t get any better with more pixels anyway 😂
I throw a lot of low effort memes, so I need all the help I can get.
Seriously, the hexbears just moved one over to keep getting exposure.
Yesterday I accidentally commented in .ml and mentioned that voting third party in our current voting system is playing with fire to get a worse candidate in office. I was told I must therefore start a grassroots movement for ranked choice voting, because apparently I can't have an opinion without a movement.
Normally I let a few downvotes get under my skin more than I care to admit, but in this setting it was kind of a badge of honor. Honestly it was kind of "fun" to see what people were saying.
I approve this comment.
improved my lemmy experience ten fold just blocking that instance.
I would encourage that, but if your instance doesn't defederate them you may have to go a bit farther since you'll still get replies from lemmy.ml users, as users are not blocked as part of this functionality. And that is by design, it's not meant to act as a replacement or alternative to defederation, it's meant to act as an alternative to blocking all communities on an instance.
Good cleanup on the security vulnerabilities!
Honestly, that's the main thing I was thinking.
Anyone wanting to put vulnerabilities into Linux is probably capable of not looking like they are in Russia...
It's a statement: Russia as the only country on the world is not allowed to participate to the biggest human collaboration in existence which runs 90% of all computers due to bad state actions.
They should fucking speak up to Putin not Torvalds.
Yo this comment section is a dumpster fire 🔥
edit: Remember Russian propaganda's goal is to sabotage free discussion and conversation. They achieve this by e.g. shitting in a comment section. That might explain what's going on here. But then again, could just be the gang that hangs in c/Technology doing their thing ¯_(ツ)_/¯
Lots of pro-Russia bots in here pretending to be concerned about
their sudden inability to sneak backdoors into the kernelopen source.Linus in 2012: Nvidia fuck you
Linus in 2024: Russia fuck you
He's not wrong.....
He almost never is.
However, it makes me sad that FOSS is being pulled in to these sanctions.
It's one thing to be uncooperative with Linux development.
A very different thing is to introduce vulnerabilities into existing working code.
Unrelated but nice profile picture!
It's really awesome to expel by nationality, even including people who've long moved out and immigrated years ago and don't support the invasion and war waged on Ukraine /s
Honestly fuck Russia ofc, but this goes a bit too far into the grey area between hawkish-reasonable and discriminatory, and on the latter side I'm not sure who and/or what this is meant to help, nor does it seem particularly fair to those individual contributors to keep their code yet remove attribution and mailing list entries.
EDIT: holy shit the bloodlust in the comments here is actually unreal, even on arr slash neoliberal and the politics communities here on lemmy the comments are way more sane.
Why are people so fundamentally incapable of nuanced judgement. According to people in this comment section, a human is entirely defined by their country of origin. What is this witch hunt level, toddler IQ thinking. Are people really so desperate to have a "bad guy" that they can blame everything on? This dehumanization of people is wild to me.
This reeks of Americanism, yanks are absurdly obsessed with race and nationality
The irony of your comment is not lost on me.
But yeah if you were to measure a country by its loudest voices then that would be accurate.
That's missing a big part of the justification here. When you're from a given country, that country frequently has a lot of influence over you. You probably have family and other ties in your home country, and those can be used as leverage to get you to do what the state wants. And when your country is in active opposition to a large portion of the free world, it makes a lot of sense for people to be extra cautious in who they deal with, because it's never clear if that person is being manipulated by their former state.
So excluding someone based on nationality can absolutely make sense as an easy rule of thumb to avoid most of the problems stemming from that state.
Would you agree it's a good thing to avoid US software as they've incorporated secret surveillance into law through letters of national security to private companies?
And by extension, perhaps even shunning US citizens?
As a US citizen, I care less about where the software comes from, but who hosts that software, so I tend to use FOSS products and services, preferring to self-host where it's not too annoying.
I don't think anyone should shun citizens from any country, but we should be wary of trusting citizens from countries where the government has a larger influence. So we should be hesitant to trust people from Russia, China, North Korea, and Iran (and a bunch of others, I'm just listing the official enemies of the US), especially if they still live in those countries. That doesn't mean we should shun people from those countries (I have an awesome coworker from Iran), just that we should hesitate to put them into influential positions. I have no problem collaborating with people from any of those countries, I just think we should be a little extra careful when there's a stronger incentive for their government to get involved (and manipulating Linux is attractive for pretty much every government, esp. my own).
Because as long as the Russian state exists and can point to their "history" as an empire and use it as an excuse to take over their neighboring countries (like Latvia, the place where I'm from), I won't be satisfied.
Unfortunately nobody is bombing Moscow yet, so anything that isolates and makes the population more angry and can hopefully topple the government is a good thing in my book
Have you even read the policy? "The people removed from maintainer positions were identified as employed by companies on the US and EU sanctions list. These companies are directly involved in the Russian military complex and therefore are directly complicit in war crimes being committed daily in Ukraine". Racist? My ass.
It's disappointing behavior by Linus. It's understandable that sanctions could force the removal of people just for being Russia.
His reply however shows he personally is in favor of removing people just for being Russian.
I wonder if any of the people who pressured him to take some time off for being a "jerk" will give a shit for this response.
Isn't that a violation of the GPL?
I wouldn't want to have FSB agents maintaining my open source either.
The central project of open-source community closes doors to people based on nationality, and everyone is cheering...
Why? You seriously miss the implications of breaking the very basic principles of open source? You are ready to forgive literally anything if it is claimed to target Russia or Russians in any way?
For those of you who say about backdoors:
The only reasonable way to avoid backdoors is to meticulously check the submitted code. Threat actors can be anywhere - and Russia is not some unique threat location, nor was it banned with that justification - just "compliance requirements".
This is politics permeating the sacred place we all had. This is a giant threat to the community, and the way Linus framed it in his message is even more terrifying. This was never meant to happen.
Which is the job of maintainers. Which now aren't Russian, any more. To the best of my knowledge the kernel is still accepting code from Russian citizens, ultimately not having Russians in maintainer roles isn't going to stop the FSB from infiltrating the kernel but it certainly does make it harder.
This also isn't in any way a judgement on the removed people, it's just that it so happens that if you're a Russian citizen you're quite vulnerable to wrench attacks. You could even say that the kernel org is protecting them from being used like that.
I’m actually shocked by how people are acting about this.
You see, it’s actually a really bad thing to ban devs from an open source project based on nationality over all else. “Oh, but they are state actors!!!” How do you know? Because they are Russian?
OK, this is bs.
They're not banning devs, they're banning maintainers.
Russians can submit as many patches as they like for review, they just can't sign off on their commits themselves.
Seems pretty fair to me.
It seems they're not being removed because they're Russian, but instead because they work for specific companies who are subject to US sanctions:
No, the basic principles of open source are either the four freedoms (if you agree w/ Stallman) or the OSI open source definition. Here are Stallman's four freedoms:
Russians still have these freedoms WRT the Linux kernel. They can still run, study, and redistribute modified versions of the Linux kernel. There's no violation here.
And the OSI definition is similar (and longer, so I won't repeat it here).
No part of the definitions of open source or free software obligate a maintainer to work with anyone else, the only obligations are to the legal freedom of the code. Russians can still use, modify, and redistribute the software, they just aren't allowed to have maintainer positions within the Linux foundation. They can still submit code, and it's up to the maintainers if they choose to look at that code.
That said, I'm sad that it has come to this. I hate the idea of international politics interfering w/ FOSS, but I still maintain that it's 100% fine for Linus Torvalds (and his legal counsel) to make this call. So I agree with the core of your argument, that politics interfering w/ FOSS is bad, but I disagree that it violates any part of the basic concept of FOSS, FOSS maintainers should always be able to decide who they work with, and the rest of the community gets to decide if they're okay with that or if they'd rather follow someone else's fork.
Torvalds responses make clear he has spent too much time with the wrong people. Calling everyone paid actors is such an embarrassment to his own intelligence. When the linux kernel starts falling behind because of a lack of competent maintainers after banning any country that NATO isnt friends with, we will know that this is where it started and that people cheered.
Russians can still contribute code, don't bundle those together just to have something to list. You are correct about pegasus, but this is about kernel and rights to commit without review.
Open source IP laws operate under the jurisdiction of the citizen's country. What kind of principles do you think open source represents? Because if it's about free movement of information and global collaboration, I'm pretty sure that pirates are the group that better represents those values
How is this keeping to open source philosophies in any way?
“No, you can’t work on this, you’re Russian.”
I don’t support the Russian Government or its actions in any way, but these devs are probably not part of it. They maintain drivers for fucking ASUS hardware.
Because there are both US and EU laws preventing code from countries deemed a threat. Torvalds is paid by the Ameircan Linux Foundation, which has to work under US law and he himself is an EU citizen. Also a lot of other developers are from those countries and if they do not comply, they could get into some pretty bad legal trouble.
So it pretty much boils down to kick out the Russians or kick out all US and EU citizens and well we see Linus choice.
risc-v saw this coming a while ago and moved to Switzerland to avoid it.
Switzerland is being routinely strong-armed these days.
It's not that hard of a choice either ofc, given one is essentially required.
Do you also know Finland is next to russia and it does not have to be US influence for someone like Linus to know Russian gov can pressure developers? This change removes code commit not the contribution rights.
This has nothing to do with open source. If Russians want to work on the Linux kernel, they're absolutely free to do so, because the source code is free and open source. What they are being restricted from is getting their changes submitted to the normal Linux foundation trees. FOSS doesn't mean you're entitled to have the maintainer of a project look at your patches, it means you can use the software however you want.
And yeah, it makes me sad that Russian kernel maintainers are being excluded. That doesn't mean it's a violation of open source philosophies (a maintainer can exclude anyone they want for any reason), it just means it's an unfortunate policy due to international sanctions.
Russians aren't restricted from getting their changes submitted, they just can't be maintainers. This means that they need another maintainer to approve their changes, just like if you or me were to submit a change. A lot of people seem to be misunderstanding what actually happened.
I actually just emailed RMS about this and I'm genuinely curious what he says. If anyone else is interested, I'll ask if he's fine with me sharing some of the response.
Oh yes, an update would be really interesting! (Even though I agree with @sugar_in_your_tea@sh.itjust.works in all points.)
My opinion on this whole topic: I don't like the decision, a Free Software project should only prevent people from contributing in very rare occasions (e.g. having actively tried to sabotage the project). I don't think this was the case, because I presume that the Linux Foundation was forced by the U.S. government to kick the maintainers out. The should've also communicated more clearly to prevent the confusion. (Russian trolls will cry out no matter how they phrased that.)
Edit: Depending on their power as a maintainer, they might be hired by intelligence and forced to just wave a backdoor through. With the Russian government waging a hybrid war against the U.S. and Europe, this poses a real problem.
Another Edit: @Allero@lemmy.today mentioned that apart from Russia, the U.S., Israel and China also have a very well funded intelligence service. So banning Russian maintainers because of a potential backdoor when there are American maintainers (which could be agents) as well? I don't think it makes sense, but unfortunately the Linux Foundation won't be able to resist the "complience requirements".
Do China next
And Israel
No changes until China decides to invade Taiwan and the sanctions that Russia currently has begin.
Yeah, China are being "generic assholes" right now, but not crossing the lines into "serious villain shit" yet, at least for people who aren't in China.
But if they touch Taiwan, oh hell yeah.
I mean there are chinese spies in europe, which suppress, bully and sometimes even kill chinese journalists who have fleed (?) to europe. And thats not even a conspiracy theory, there were investigative journalists who have uncovered this in several countries. So I'd say that china is reeealy close to that villain line
And the US
I'm surprised how many people treat GPL to ignore borders. The IP law still operates only by the rules your country decides.
I can understand the desire for information to be free, but unless Open source movement becomes it's own country the discussion should end there.
Ideally the internet would be extra-sovereign
Now do this with Israelis.
The whole Grad is seething I'm loving it.
russian economy after over 1k days of war is evaporized and putin now is Xis little dog. so if we all work together now nobody will remember a country called russia in 100 years. nations are just a phantasy and it wont hurt to let go of some.
I think it's scary that the Russian Federation will probably "Balkanize" if Ukraine won't capitulate, and with how many nuclear weapons it has, that's terrifying to consider.
Then again, they probably don't work very well given what we've seen about the performance of the so-called "2nd/3rd most powerful army on Earth". But even a few potentially in the hands of an even more unhinged maniac than Putin is unsettling, to say the least.
You have to be arguing in bad faith if you’re trying to say “citizens of nation shouldn’t be responsible for their nation”
The open source benefit is not that they can directly impact it, it’s that their government can’t
If it was framed as a measure against possible government coordinated infiltration, sure. But that's not the case.
You know. I don't like what the Russian leadership and military are doing. I feel like ultimately we're in the cold war era. But you know, at the height of the cold war, radio operators around the world still worked Russian stations.
Yes, there was a very clear policy, neither side talked about ANYTHING beyond their signal report and working conditions (information about radio, power output and aerial basically). At the height of the actual cold war, the individuals were not cancelled like this.
Sanction the leadership, sanction the money, and sanction the military. But the normal people that are subject to the propaganda? I don't understand the benefit in doing this. I also don't see how the sanctions effect an open source project..
Seems a bit weird. Maybe there's information we're not privy to, but on the face of it, just based on what we're seeing. Seems like a very very odd move.
FSB wants backdoor in kernel. FSB notices subsystem maintainer is Russian, lives in Chelyabinsk. Can close eyes to backdoor, can pretend to review. FSB in Moscow make call to FSB in Chelyabinsk telling to buy heavy wrench at hardware store.
Same could be said for any intelligence service . it is better to focus on preventing and detecting these things through analysis and code reviews.
And they could just offer boatloads of cash to someone in another country to insert something so this doesn't really prevent anything it only isolates a certain subset of people.
So if we can't completely 100% deal with a problem, we shouldn't even try? I mean, you're correct, but we can't solve all problems at once. If we deal with at least one, then we've made progress. Then we can try to deal with the next one.
No but this doesn't do anything to "deal" with the problem as anyone can built up trust like Jian tan showed. The argument that this makes us more secure is like saying closed source is more secure cause the hackers dont have access to the source.
We have evidence of the US messing with nist standards so by that same logic should we assume all us actors are bad ?
The solution is to verify the code maybe have multiple people from different locations have to review stuff. Build more checks into the process.
The whole point of it being open is that it can be reviewed. It shouldn't matter where the contributor is from as all code should be subjected to a rigorous review process.
What... You realize that NIST is literally a government agency? It's part of the United States Department of Commerce. It's literally the US government. Are you saying that the government is messing with itself? What does that even mean?
If that were true, surely they'd not trust ANY of their existing work, or at least any done since the Special War Operation. Wouldn't that make sense?
They've left the code, and removed the people arbitrarily. Seems a bit off to me.
I don't think this only happens now, governments like Russia, USA, China, Israel will likely always be making these attempts.
Security. Torvalds did this for security.
Is it really that hard to parse?
And I'll say the same here as I did above. If it was for security, their code is tainted too. It's an arbitrary reaction that is not complete as a solution to anything.
They can check existing code. You have to be able to trust people who are contributing.
They can check new code by these risky people as it comes in, but it why risk it?
You can't untaint code if the tainters (lol that sounds funny) can still edit the code.
If Torvalds is correct (he is), patching can now take place for vulnerabilities.
Good point!
I am on your side and don't understand the fury of down votes in this section regarding this stance. I am from a shit hole of a country too and if my life long contribution to open science (hypothetically speaking) could be so completely disregarded because of something ultra shitty that my country did, I would be super sad and probably mad at the OS community for leaving me behind so quickly.
I also don't understand the benefit of doing this. Most people seem to claim it's for security reasons but that does not make sense to me. Closing doors to someone without any proof of malintent is so against open source philosophy that it is perhaps more damaging in its core. And being the kind of government Russia is (or for that matter Israel, China, USA etc etc) they will always try to gain cyber war advantage by such methods. This approach is therefore clearly unsustainable. You would only be able to give dev access to a handful of countries in the world.
It sure as hell won't scratch a dent in the Russian government's armor when all these sanctions did not. It is not going to achieve 1/1000th of what all those ambargoes, frozen accounts etc aimed and failed to achieve.
Therefore there is either missing information (external pressure to take this action) or this is simply an action based on personal judgement.
I thought it said expulsion of Russian Mountaineers so that was pretty confusing
It's really such a shame that the mountaineers always take so much credit when the Linux sherpas do so much of the work.
Good
altlinux devs:
oh come on we are not trolls