/tech/ - Technology


 No.1022419>>1022427 >>1022431 >>1023128

Is there any news on this?

Are they ever going to release another open version?

Why do they get to violate the GPL by adding an additional restrictive term (we will punish you if you redistribute the source), when their patch is a non-separable derivative work of the kernel?

 No.1022421

Also will OpenBSD add the protections that it added to the lin(t) kernel?


 No.1022427>>1022428

>>1022419 (OP)

It's a placebo as long as binary blobs and SYSTEMD exist.


 No.1022428>>1022440

>>1022427

I run Devuan on an ARM board without any blobs, but not sure if grsec is worth the trouble. I can just boot NetBSD instead, and don't have to patch an old 4.9 kernel, and there's no CoC, etc.


 No.1022431>>1022440 >>1022442 >>1022443 >>1022451

>>1022419 (OP)

>is there any news on this

Just a shitstorm back when it was released. People got sued for criticizing grsec.

>Are they ever going to release another open version?

This might be hearsay, but I remember they considered releasing a stable patch every 2 years. It's almost 2 years since they dropped the free version, but I doubt it.

>Why do they get to violate the GPL by adding an additional restrictive term

Because they're a corporation that has customers, many of them big in finance and ecommerce. The FSF and co didn't even dare sue vmware for gpl violations.

I really wouldn't hope on anything. It's something like a 100,000 line patch, with no base to fork off since 2017.


 No.1022440>>1022457

>>1022428

>It's a placebo as long as binary blobs and SYSTEMD exist.

Technically correct, regarding the BB's, but it defeats lots of common programmer errors that constantly get exploited otherwise.

>but not sure if grsec is worth the trouble.

It is. Don't use linux without it.

It's like the videogame of kernel patches. It's fun, rather than just functional.

>>1022431

>Because they're a corporation that has customers, many of them big in finance and ecommerce. The FSF and co didn't even dare sue vmware for gpl violations.

>I really wouldn't hope on anything. It's something like a 100,000 line patch, with no base to fork off since 2017.

It is really a blatant violation of the terms. They can't argue it's a separable work, and they can't argue that they aren't violating the "no additional restrictions" term. They put the restriction in writing for everyone to see.

It is the most blatant public violation of the GPL that there is (others try to hide their violations at least).

There are 100s of separate people who have standing to sue.

Nothing.

It really angers me that I'm not getting my leet security patch for free :(

GPL is a failure.


 No.1022442>>1022457 >>1022464 >>1022470

>>1022431

>This might be hearsay, but I remember they considered releasing a stable patch every 2 years. It's almost 2 years since they dropped the free version, but I doubt it.

That would be nice of them. Wish someone could convince them to do it.

I always maintain that: 1) GRSec is blatantly violating the GPL terms

2) GRSec is an excellent patch and linus doesn't know what he's talking about here

3) To obey US copyright law and obey the GPL would be emasculating for the slavic half of the operation (PaxTeam).


 No.1022443>>1022457

>>1022431

>Just a shitstorm back when it was released. People got sued for criticizing grsec.

Are there any updates on the suits?

Perens isn't updating his log anymore: https://perens.com/static/OSS_Spenger_v_Perens/

Anything from the grapevine?

Why won't anyone release the source, regardless of the threatened punishment and move the ball an inch?


 No.1022444

Has anyone considered hacking the download servers and releasing the source and then saying "Your move GRSec"


 No.1022451>>1022457 >>1022479

>>1022431

> 100K lines of kernel patch

WTF is it really that huge? I want off this cianigger ride.


 No.1022457>>1022485

>>1022443

>>1022442

>>1022440

Sadly, there's been zero news outside of the immediate months following closing of releases.

>>1022451

It actually might be closer to 225,000. I read both numbers from lwn.net


 No.1022464>>1022482 >>1022484

>>1022442

>GRSec is an excellent patch and linus doesn't know what he's talking about here

If GRSec is such an excellent patch, why is it such a bitch to port to each new kernel and how come every distro previously using it (including security-focused ones like Alpine) decided it wasn't worth the hassle? This reeks of a badly-engineered hackjob people tolerated for muh features and because someone else was maintaining it.

The GRSec fags ultimately care more about squeezing shekels out of their customers than actual security. If they did, they'd either make their own unixlike OS designed around their idea of security or contribute to something like OpenBSD (assuming they could meet Theo's standards).


 No.1022470>>1022475 >>1022480

>>1022442

>GRSec is an excellent patch

The fact the devs are blatantly violating GPL suggests otherwise.

They wouldn't risk that much if they had a solid product, they're clearly running some sort of scam.


 No.1022475>>1022480

>>1022470

That scam is "build yourselves up as the Linux security guys and make a kernel patch nobody in their right mind would maintain unless they were paid to work on it fulltime." It didn't bring in as much money as they hoped so now they've turned to jewing their customers and hoping no one switches to OpenBSD.


 No.1022479

>>1022451

> > 100K lines of kernel patch

>WTF is it really that huge? I want off this cianigger ride.

That's how many errors the loonix devs made that spengler had to autocorrect...


 No.1022480>>1022534 >>1022706 >>1035659

>>1022470

It's not a product, it was a labour of love for over 15 years.

>>1022475

It's no scam, it was open for more than 15 years. The guy (he and Pax (slavic fellow)) actually do know how the linux code actually interacts with x86 and x86-64 machines. Linus doesn't.... not anymore.

Trust me, I've been using their patch since the beginning.

It's only in the last year or 2 they decided they wanted money.


 No.1022482>>1022497 >>1022534

>>1022464

>If GRSec is such an excellent patch, why is it such a bitch to port to each new kernel and how come every distro previously using it (including security-focused ones like Alpine) decided it wasn't worth the hassle? This reeks of a badly-engineered hackjob people tolerated for muh features and because someone else was maintaining it.

Probably because of the ridiculous flux of the kernel. Constantly writing and rewriting 100's of 1000s of lines of code for no reason. It's not a sane project. In the past the linux-kernel wasn't like this... but then the wage-slaves got ahold of it. When they make mistakes you have to fix them, or change the code to work with the grsec features.

>The GRSec fags ultimately care more about squeezing shekels out of their customers than actual security. If they did, they'd either make their own unixlike OS designed around their idea of security or contribute to something like OpenBSD (assuming they could meet Theo's standards).

The reason to use loonix is the drivers. And with GRSec the fixes regarding buffer overruns etc (which OpenBSD doesn't have yet IIRC, but even windows has now).

For 15 years it was a labour of love, no charge, no violations.

It was part of the hardened linux kernel back in the mandrake days (2000) goes way back.

Now they decided to violate the GPL and want tons of money.

And no one sues them for their additional restrictive terms...


 No.1022484>>1022534 >>1035659

>>1022464

>distro previously using it (including security-focused ones like Alpine) decided it wasn't worth the hassle?

The same reason all the distros switched to systemd: Distro maintainers are lazy idiots, not programmers. Wasn't always the case but it is now.


 No.1022485>>1022497

>>1022457

Does anything go on in the grsec irc channels?


 No.1022497>>1022501 >>1022502 >>1022504

>>1022485

Not that I know of. Most of their outward presence is kept under lock since 2017. Forum is a wasteland.

>>1022482

I felt if this battle was fought back in 2017, it would've had more of a chance, but most people have just accepted it. I heard of it again through a mailing list, and I assume some of the other anons also heard it from a copypasta spread there. I know it was sent to the Open and Free BSD lists.


 No.1022501>>1022503

>>1022497

Was it this copypasta: https://lkml.org/lkml/2019/1/23/655

?

The battle can still be fought, each time they redistribute the work with the additional restrictive term tolls the statute of limitations (I think it's 2 years from the violation for copyright stuff, though it's split on whether it's 2 years from the violation or 2 years from discovery of the violation)


 No.1022502>>1022512

>>1022497

Any non-outward work going on, some insider info, or info from customers?


 No.1022503>>1022507 >>1022508 >>1022524 >>1022530

>>1022501

from a redchan.it email on the FreeBSD mailing list

```There are two iron laws when it comes to the linux-kernel and its

facing towards the larger world.

1) The grsecurity-pax patch is absolutely vital if one wishes to not be

hacked by chinese(TM). (And has been vital for the last 15+ years.)

2) GRSecurity is _blatantly_ violating the GPL by adding additional

restrictive terms.

Other things we have come to know is that

A) Linus is a poor judge of quality, or just out of touch.

To say that GRSecurity is garbage?

No linus, it's just the layer covering up the shit heap that the

linux-kernel is when it comes to exploitable code.

That stench you smell is not that nice grassy cover over the garbage

tip, it is what is below, what that top is holding down.

You know... I would expect the things that Linus said about GRSecurity

from a white woman... I would expect that. Knowing nothing, spouting

bullshit, destroying lives. That's their _thing_.

But from a man?

Well, goes to show you. White men ain't men. Best they are is 40 year

old bois. Faggots to say for short in American parlance.

Same reason they won't hold it down when a bunch of fucking cunts CoC

them. You build the whole edifice, then you let a bunch of do-nothing

white women rule over the thing you built and you.

But hey, that's Linux!```


 No.1022504

>>1022497

> I know it was sent to the Open

Everything is sent to the OpenBSD mailing list, out of respect to them, to keep them in the loop, should they wish to discuss.

They are the lain-os after all, somehow...


 No.1022507

>>1022503

I notice no one responds to such emails anymore on the LKML, years ago people would engage in debate.

Now it's all work work work. Nothing more.


 No.1022508

>>1022503

Shame no one responds anymore. Only work related stuff is responded to. Feel free to respond on the bsd mailing list (and cc to Open's as well: misc@openbsd.org, and maybe lkml: linux-kernel@vger.kernel.org).

Some words of truth to linux never hurt anybody, right...


 No.1022512>>1022543

>>1022502

Grsec in practise refuses to deal with smaller businesses. I only know what I know from online research and a few friends in some IT teams. I have no access to Grsec myself, and I doubt I would be able to get it for the company I work for.


 No.1022524>>1022539 >>1035659

>>1022503

> 1) The grsecurity-pax patch is absolutely vital if one wishes to not be hacked by chinese(TM). (And has been vital for the last 15+ years.)

What if some people just don't run services outside of localhost, and even use separate account for bloated Firefox (not my "default" browser, tbh).


 No.1022527

grsecurity is a set of patches for the Linux kernel which emphasize security enhancements. The patches are typically used by computer systems which accept remote connections from untrusted locations, such as web servers and systems offering shell access to its users.


 No.1022530>>1022542

>>1022503

cringey and brownpilled


 No.1022534>>1022541

>>1022480

>>1022482

>It's only in the last year or 2 they decided they wanted money.

>Now they decided to violate the GPL and want tons of money.

They wanted money before that, part of the reason they went full turbojew is because they saw distros/companies using their patches without paying them as thieves.

>>1022484

>not porting the grsecurity clusterfuck yourself is just like using systemd

Funny, Gentoo and Alpine Linux abandoned grsecurity and both avoid systemd like the plague. Gentoo even goes out of their way to maintain a systemd-free fork of udev. If avoiding the all-consuming systemd and maintaining your own udev fork is easier than maintaining a fucking kernel patch, maybe you should take this as a sign said patch isn't as perfect as you think.


 No.1022539>>1022565

>>1022524

>What if some people just don't run services outside of localhost, and even use separate account for bloated Firefox (not my "default" browser, tbh).

Grsec prevents a lot of the standard remote execution bugs (buffer overflows etc), so if someone is exploiting your browser using those you won't get pwnd.


 No.1022541>>1022552

>>1022534

> If avoiding the all-consuming systemd and maintaining your own udev fork is easier than maintaining a fucking kernel patch, maybe you should take this as a sign said patch isn't as perfect as you think.

It is. Grsec snakes through the whole kernel. Any change made requires a fix to bring it back into working with grsec. It sounds like you kinda just don't know how C programming works... making all these vague comparisons.

(C programming works as such: you have an idea of what asm you want. You try to trick the compiler into producing said asm. It is an art)

>>1022534

>They wanted money before that, part of the reason they went full turbojew is because they saw distros/companies using their patches without paying them as thieves.

And yet they stole the entire linux kernel source and built a derivative work from it.

So what is the solution? Sue them? It can be done. Theirs is the most blatant upfront violation of the GPL I've ever seen (they put it in writing and don't try to hide it)

Why hasn't anyone hacked their DL server and stolen the code back and released it?


 No.1022542

>>1022530

It would be a great benefit if you wrote a piece regarding grsecurity and sent it to these lists:

> linux-kernel@vger.kernel.org, gentoo-user@lists.gentoo.org, freebsd-chat@freebsd.org, misc@openbsd.org

Please do so. The more discussion the merrier.


 No.1022543>>1022553

>>1022512

>Grsec in practise refuses to deal with smaller businesses. I only know what I know from online research and a few friends in some IT teams. I have no access to Grsec myself, and I doubt I would be able to get it for the company I work for.

They're afraid that a small company would pay for 1 server "license" and then release the code, I think.

What did the IT teams you talked to think about all this?


 No.1022548

https://lkml.org/lkml/2019/1/23/759

>From Ivan Ivanov <>

>Date Wed, 23 Jan 2019 23:46:55 +0300

>Subject Re: GRSec is vital to Linux security

>Interesting point of view. Well, to be honest it seems to me that Linux kernel sacrifices the security for the sake of progress, so it is quite bloated at the moment and I am not sure that even GRSecurity could fix it. Linux really needs to stop adding new features and refactor itself to a smaller and more secure codebase before going forward. Maybe 1 year break would be nice.

This man speaks the truth. The constant needless flux reintroduces long fixed bugs. It's like an endless inflowing tide.


 No.1022552>>1022736 >>1035659 >>1038101

>>1022541

>Grsec snakes through the whole kernel. Any change made requires a fix to bring it back into working with grsec.

Here's the problem. If Linux is as awful as the grsec fags claim, why didn't they work on their own kernel instead of niggerrigging their own shit onto Linux? Everything I've heard so far makes the grsec team sound legitimately stupid and now they're putting themselves at legal risk because their clusterfuck of a kernel patch wasn't making them as filthy rich as they hoped.


 No.1022553>>1022740

>>1022543

Right. I don't know their motivations, but that is a fair estimation. Someone sets up like, Louisville, Kentucky's first Docker vps service and pays for the grsec kernel. Suddenly its now a /tech/ front company that leaks sources to TOR.

As for the teams I've talked to, well again, working with grsec is much higher scale than say at the company I work with. One of my friends works at a regional logistics company, and they have a boatload of things in terms of regulations and compliance. From what it seems, grsec and related infosec focused modifications help a lot with compliance and getting sweet contracts.

Grsec only lists a bunch of no name companies and Dreamhost on their website, but with how fast AWS got their servers patched for spectre and meltdown, I wouldn't be surprised if they ran it underneath.


 No.1022565>>1022743 >>1035659

>>1022539

But teh firefox user has no privileges and also I deleted programs "sudo" and "su". :DDD


 No.1022624

>If you would spam all the Linux and FreeBSD lists with topics about us using FreeBSD and/or Linux, while other people don't have access to drinkable water and we should be ashamed, I would have empathy even for whining.

what a faggot


 No.1022649>>1022743

Your fucking captcha doesn't work. You all fucking idiots here are using this shit with javascript enabled???


 No.1022706

>>1022480

>Trust me, I've been using their patch since the beginning

That doesn't make me trust you at all, retarded fanboy.


 No.1022718>>1022738

Why do you want to put your ass in dependence on its single mentally unstable developer?


 No.1022736>>1022739 >>1022794

>>1022552

>Everything I've heard so far

That's the problem; you're going by what you heard.

You haven't been around and used grsec for 15 years and watched it develop.

You speak from ignorance and "dead reckoning", almost like any normie. You're using "common sense" in the tech world. It works as well as using such in the law world.

Your anger is warranted. You just need more history to back it up.

>makes the grsec team sound legitimately stupid and now they're putting themselves at legal risk

They are.

B L A T A N T - in writing - flagrant disregard of an enumerated term in the license that allows them to make their patch in the first place

Any one of the kernel programmers whose code they modified and base their derivative work off of could sue them. They could band together and sue them. 100s of different people could sue them

>because their clusterfuck of a kernel patch

"like father, like son". The patch is a monolithic "clusterfuck" because the kernel is.

It is the _best_ out-of-tree patch there has ever been however. 15 years of keeping it all working, and fixing kernel-team's bugs

>wasn't making them as filthy rich as they hoped.

They weren't looking for money for most of the existence of grsec. It was a hobby. Now bobby wants to fuck stacy, so needs muny.

But bobby ain't chad. He's nerd.

But he thinks he might be a ceo chad, so betrays his fellow nerds.

Oh and violates the copyright on the linux-kernel too.


 No.1022738>>1022767 >>1022773

>>1022718

>Why do you want to put your ass in dependence on its single mentally unstable developer?

It's the opensource way.

Linus, Theo, Spengler.

Thing is, he's the only one doing it for linux. There is no choice here.

And with the way the kernel is structured, and linus' inability to not have the whole code base constantly rewritten for no-purpose ... what other option could there be?

It is insanity to try to create an out-of-tree significant patch in that storm.

Only the corps can keep up... and spengler.


 No.1022739>>1022741

>>1022736

Not the anon you replied to, but as i've said before, it's highly unlikely. I've taken the given-up-pill on grsec ever since the libel suit ended in a 260k settlement


 No.1022740>>1022768

>>1022553

>As for the teams I've talked to, well again, working with grsec is much higher scale than say at the company I work with. One of my friends works at a regional logistics company, and they have a boatload of things in terms of regulations and compliance. From what it seems, grsec and related infosec focused modifications help a lot with compliance and getting sweet contracts.

Can you get him to leak the source?

I mean, GPL...


 No.1022741>>1022744 >>1022750

>>1022739

> I've taken the given-up-pill on grsec ever since the libel suit ended in a 260k settlement

The settlement was against GRSec: they have to pay Bruce.

Why give up? It's a win...


 No.1022743

>>1022649

>Your fucking captcha doesn't work. You all fucking idiots here are using this shit with javascript enabled???

Of course not.

>>1022565

:P lol

Use the onion site:

http://oxwugzccvk3dk6tj.onion/tech/res/1022419.html


 No.1022744>>1022750

>>1022741

Because that was the last big news we heard about it. Yes it was only a half year ago, but there's been nothing since, and I doubt there will be big news again. Doesn't seem like any of the free software legal groups have an interest in taking the case up.


 No.1022749>>1022785

What does he mean by this?:

https://lkml.org/lkml/2019/1/24/497

Date Thu, 24 Jan 2019 17:03:33 +0100

From Adam Borowski <>

Subject Re: GRSec is vital to Linux security

On Thu, Jan 24, 2019 at 04:31:10PM +0100, Enrico Weigelt, metux IT consult wrote:

> On 23.01.19 21:46, Ivan Ivanov wrote:

>

> > Linux really needs to stop adding new features and

> > refactor itself to a smaller and more secure codebase before going

> > forward. Maybe 1 year break would be nice.

>

> Do you have some actual proposals / patches ?

Enrico, you're responding to a notorious troll. If you haven't noticed,

this "Ivan Ivanov" sock puppet is a persona of some bastard who talks to

him/herself while tarnishing the name of our dear friend MikeeUSA (a true

pillar of the community!). His/her methods evolve, but the gist is the

same. Expect bringing up a bogus but semi-plausible controversy in order

to start as big a thread as possible, then once people who this bastard

wants to attack have joined, try to equate their position in the public view

with statements such as:

(Excuse the quotation, please wipe your monitor afterwards.)

# But from a man?

#

# Well, goes to show you. White men ain't men. Best they are is 40 year

# old bois. Faggots to say for short in American parlance.

#

# Same reason they won't hold it down when a bunch of fucking cunts CoC

# them. You build the whole edifice, then you let a bunch of do-nothing

# white women rule over the thing you built and you.

And this has been going for quite a while.

Connecting to systemd threads doesn't seem to work any longer, as people on

debian-user vs dng have wisened up. Same with license rescission threads.

What you read is just a yet another attempt to stir up some excrement.

Don't let any of it spray on you. Because that's the fake-Mikee's way.

Meow!

--

⢀⣴⠾⠻⢶⣦⠀

⣾⠁⢠⠒⠀⣿⡁ Remember, the S in "IoT" stands for Security, while P stands

⢿⡄⠘⠷⠚⠋⠀ for Privacy.

⠈⠳⣄⠀⠀⠀⠀


 No.1022750

>>1022744

>>1022741

>Because that was the last big news we heard about it. Yes it was only a half year ago, but there's been nothing since, and I doubt there will be big news again. Doesn't seem like any of the free software legal groups have an interest in taking the case up.

The "free software legal groups" exist only to commit legal malpractice.

The guy who ran the SFConservancy (Bradly Kuhn IIRC) isn't even a lawyer. He advises "clients" to wait it out: AKA run down the statute-of-limitations so you have no case.

A fucking _FAGGOT_.

You cannot rely on the "Free software legal groups" to help you because _they do not exist_.

Only recently did the SFConservancy hire a lawyer, and they had to put her in the head position because Bar rules do not allow a lawyer to be below non-lawyers in a legal firm.


 No.1022751>>1022755

>Use the onion site:

Well now I'm using it. But where do you think I found this onion link? On the fucking Plebbit! But of course I didn't trust it, so I had to look into the source code of the page to get the link, because the Tor icon is not visible without javascript enabled!

True story, bro. Now I can post without javashit. Nice site you have here.


 No.1022754>>1022757


 No.1022755

>>1022751

Now another problem is that the Nerve Center link still leads to 8ch.net.


 No.1022757

>>1022754

>https://lkml.org/lkml/2019/1/24/538

He said "faggot" there. B-but what about the shiny new Cock of Con-duck? Is he going to be demoted or something?


 No.1022758

https://lkml.org/lkml/2019/1/24/545

From: Boris Lukashev

You've never heard of VMware, I take it? It's a proprietary half Linux

which beats GPL suits with strong arm tactics and technicalities. Unlike

grsec, they don't distribute any source, because it's proof of theft...

Grsec's back port work is also public, since they're public upstream

patches or mailing list patches, the GCC plugins are the real magic...

Those aren't as GPL as the kernel, rap is patented, respectre likely

will be as well. The critical code changes they need (per CPU PGD, for

one) will not be accepted as Linus has "said so." Those code bits are

out there...

Also, doesn't matter if their patch leaks for the most part (4.4 just

did get leaked a few weeks back), as I wrote before, nobody really has

the time or skill available to maintain at their level of quality...

Linux might be free, but it's not something that should be run in

production when there's data or resource at stake.

Is the thought process that they should open up their commercial stable

code for free to all? Because RHEL has the same "don't leak" policy on

RHEL sources too... VMware even goes so far as to blatantly claim not to

use Linux. How about Google's internal Linux?

GPL is dead (has been for 20y), build the strongest defenses you can

with whatever code you can get and prove, because your adversaries won't

care about which license clause their tooling adheres to.

Boris Lukashev

Systems Architect

Semper Victus


 No.1022767>>1022771

>>1022738

>Thing is, he's the only one doing it for linux. There is no choice here.

There are a lot of security modules.

https://en.wikipedia.org/wiki/Linux_Security_Modules


 No.1022768

>>1022740

It's a friend of a friend thing. My friend's IT team pays for RHEL and hardens it inhouse. But he knows of other companies that have been contractors who use grsec or have used it.


 No.1022770

https://lkml.org/lkml/2019/1/24/553

There is ample standing to sue. GRSec made its "access agreement"

public,

which included terms to prevent redistribution (if you redistribute, we

punish you). Which is a direct violation of the "no additional

restrictive terms"

clause in the GPL.

Why won't anyone bring a copyright lawsuit?

Are they happy that GRSec gets to use their code, and prevent anyone

from

freeing the derivative work? The whole point of the GPL is that

derivative

works be under the same terms.

Bradly Spengler has violated this understanding, he thinks that his code

doesn't need to be under the same terms. The code which is simply a

derivative work of the linux kernel.

There is a valid, actionable case here.

Any of the programmers / copyright owners whose code he modified can sue

him.

He is violating their terms of use of their software.

He is in the USA. It's not difficult. Just SUE.

Just because VMWare does things one doesn't like doesn't mean you cannot

sue

Bradly Spengler.

Another thing is, the "Free software" legal "representation" is trash.

The SFConservancy was run for the longest time by a non-lawyer BKuhn.

He advised "clients" to WAIT it out! And then.. guess what they have

waiting years?

No case because the statute of limitations had been passed.

That's how that baby-faced moron has "helped" the free software legal

cause.

You guys need to hire real IP lawyers, not bullshit pretenders.

And if Bradly is making money, and enough of it, you might have profits

you could target.

I kinda think that the "Free software legal" teams exist only to diffuse

valid suits,

and stymie the guys who actually wrote the code and retained their

copyrights.

Pure legal malpractice by any accounting.

On 2019-01-24 16:25, Boris Lukashev wrote:

> You've never heard of VMware, I take it? It's a proprietary half Linux

> which beats GPL suits with strong arm tactics and technicalities.


 No.1022771>>1022777 >>1035659

>>1022767

They suck.


 No.1022773>>1022784

>>1022738

>It's the opensource way.

>Linus, Theo, Spengler.

GRSecurity is tied strictly to Spengler, there's no developer community around.


 No.1022777

>>1022771

>They suck.

Yeah, because Spengler said so. The guy who wants to make money on kernel security, criticizes security modules. Surprise, surprise.


 No.1022779

Where does PaxTeam stand on all this?

I notice they never update their patch anymore

(it was always updated inside grsec)

What does the anon french guy (he's not a slav from eastern europe?) stand in all of this?

A collaborator still with spengler? Or a hero who will leak the whole thing?

As far as I've seen the evidence points to collaborator in the flagrant copyright violation...


 No.1022783

Why does no one hack the servers and post Grsec-Copyright-Violation-Edition for all the world and tell spengler "we are enforcing the GEE PEEE ELLL"

It's right there, in back of a password protected pay wall.

Like "hahaha the air is so close, yet you drown one mm below the water in this cage!"

Then we could have a headline "HACKER PIRATES VIOLATE COPYRIGHT OF VIOLATOR OF COPYRIGHT!"


 No.1022784>>1022815

>>1022773

It really seems that PaxTeam is a close collaborator. So 2 people.


 No.1022785>>1035659

>>1022749

What is Adam's problem?


 No.1022794>>1022799 >>1022824

>>1022736

>it's "the best out of tree patch here has ever been" because it fixes kernel bugs

Just because something fixes a bug doesn't mean it's a good fix or a well-designed patch. Consistency is extremely important in an operating system and everything I've heard about grsec (including your posts and those of other grsec supporters) implies it introduces even more inconsistency for the sake of muh security features.

Convoluted and inconsistent security features only frustrate people and get turned off, like SELinux and its overdesigned kin. OpenBSD, on the other hand, tries its hardest to design features consistent, secure, and convenient enough that people will leave them turned on.


 No.1022799>>1022839 >>1035663

>>1022794

>bullshit post

>"from what I've heard"

Grsecurity and its RBAC gets used, has been consistent for 15 years.

SELinux doesn't because it's too convoluted and hard.


 No.1022815>>1022822

>>1022784

>It really seems that PaxTeam is a close collaborator. So 2 people.

PaxTeam can join Brad Spengler Incorporated to form a multinational conglomerate.


 No.1022822>>1022850

>>1022815

>PaxTeam can join Brad Spengler Incorporated to form a multinational conglomerate.

hehe

Why did he call himself "PaxTeam" when he is just one anon guy?


 No.1022824

>>1022794

>and its overdesigned kin.

This is all an artifact of the "design" of linux.

AKA: no design.

You can't blame a vine for conforming to the tree.


 No.1022839>>1022848 >>1035659 >>1035663

>>1022799

> SELinux doesn't because it's too convoluted and hard.

Plain SELinux is actually pretty simple. The Red Hat framework on top of it with m4 macros is the mess.


 No.1022847>>1035659


 No.1022848>>1022862 >>1022864

>>1022839

Gradm and RBAC from GrSec were nice.

Used it years ago. I had an auto-rule-set creation setting, you ran it for awhile, doing the things you did. Then made the ruleset more liberal if you wished (with * as wildcards).

All gone now, because no one can keep up with modern linux churn.


 No.1022849

It's like a sickening sinking feeling in the gut. Had this thing forever, now they took it away.


 No.1022850>>1022852

>>1022822

>Why did he call himself "PaxTeam" when he is just one anon guy?

Maybe it's just his real name. You know those Frenchmen.


 No.1022852

>>1022850

Why do they get to leave the boat of software communism?

Why do they get to close a GPL'd work?


 No.1022862>>1022863 >>1022883

>>1022848

AppArmor and Tomoyo both provide MAC and have a learning mode that allows you to generate policies. Not the same as RBAC, I know, but still a nice option.

I'm not aware of anything that's a suitable replacement for PaX, though, so the loss of those patches is a shame.


 No.1022863

>>1022862

>AppArmor and Tomoyo both provide MAC and have a learning mode that allows you to generate policies.

You can do it on SELinux with audit2allow.


 No.1022864

>>1022848

>Then made the ruleset more liberal if you wished (with * as wildcards).

You can do it on SELinux too.

https://selinuxproject.org/page/AVCRules


 No.1022883

>>1022862

>I'm not aware of anything that's a suitable replacement for PaX, though, so the loss of those patches is a shame.

What about a lawsuit? Would a lawsuit fill the hole?


 No.1023012>>1023093 >>1036153

Any leaked versions?


 No.1023038>>1023093

Anyone else have grapevine stories?


 No.1023087>>1024527

https://lkml.org/lkml/2019/1/25/514

> Are you a lawyer,

Yes (also a programmer)

> acting on behalf of someone

No

> Sue to what end?

I wish I could say "to free the source", a court isn't going to order

specific performance where there is no contract, and there is no

contract between the Copyright owners and GRSec. Just a bare (and

revocable at will) license.

They could revoke if they didn't like Brad's face.

They can sue for damages (profits probably) since he violated the

license, and thus copyright (he would be more protected if he did have a

contract with the (C) owners: damages on his end would then more likely

simply be whatever he paid for the license)

> Force them to freely distribute their work/give up

> all those hours of backports/integration and actual invention?

I wish this were possible, but the GPL is not a contract in this

instance, so specific performance is not available. It's just a bare

license, you can get damages ($), that's all.

If the Copyright owners registered their copyrights prior to the

violation they could go for statutory damages and attorneys fees though.

So to what end...

Rage at GRSec getting off the opensource boat.

Anger at not having the security-code /slave/ we had for years.

Bellowing about how we are servants to our creed, and yet this

once-compatriot has betrayed that which we hold dear.

An attempt to use the GPL as a sword (instead of as a shield)?

Opensource works because men like being slaves. Slaves to their country,

slaves to women, slaves to an engineering field, slaves to a belief,

(and more recently: slaves to Codes of Conducts for hobby projects!).

Should not those who are still the slaves, rage against he who would use

their free labour and end his contributions back?

I think that is the entire point of "Copyleft". It's a way of getting

work that would cost millions of dollars, for free.

It works pretty well, up until 40 year old programmer has no stacy to

fuck, and no possibility of getting one.

But there's one last striving that can be done: one more needle prick

(or even knife gouge) that can be done against the escapee: and that is

a copyright lawsuit.

Since I cannot have my free leet secure kernel patch anymore... and no

one is out-in-the-open posting it in defiance of Brad (the escapee), I

would like one of the fellow slaves with standing - to sue him. In

vengeance for his betrayal of our class. They have a justiciable case,

evidence already in the hands of the courts (thanks to the libel case

(Thank you Bruce :D)).

What I really want is for GRSec to remain or return to being open and

free, like the GPL is supposed to provide.

On 2019-01-24 20:18, Boris Lukashev wrote:

> Sue to what end? Force them to freely distribute their work/give up

> all those hours of backports/integration and actual invention? The

> only thing a suit could achieve is to prevent them from doing any work

> at all as you can't force someone to work for free (in the US, under

> most circumstances). No contributor will be able to prove quantifiable

> material damages, and the outcomes are between destruction of the only

> Linux vendor who puts priority on security or a waste of money and

> time in the lawsuit. Only the lawyers benefit, everyone else loses out

> directly or indirectly. Are you a lawyer, acting on behalf of someone

> interested in slowing the progress of defensive technologies, or just

> miss the days when being a script kiddie made people feel powerful?

>


 No.1023093>>1023206 >>1023207 >>1023208

>>1023012

>>1023038

I have nothing else than what I've posted. To anyone hoping for a leak, I think your best bet is something down the line. It's been only a half year, and I think a leak causing trouble is much more likely than a lawsuit (which would be very unlikely to start). Again, someone could make a front company and get the source that way.


 No.1023128

>>1022419 (OP)

The end of these patches is why I want to switch to OpenBSD.


 No.1023205

>The end of these patches is why I want to switch to OpenBSD.

Same here.

OpenBSD hasn't implemented all the protections though.


 No.1023206>>1023209 >>1034438

>>1023093

Could you talk to your people in the industry, and demonically conspire to at some point release the source in some spectacular way that will attract much attention and ire from grsec?

They will say it's illegal and try to get prosecutors after the leakers.

So do so anon...


 No.1023207>>1023209

>>1023093

Could you talk to your people in the industry, and demonically conspire to at some point release the source in some spectacular way that will attract much attention and ire from grsec?

They will say it's illegal, I wonder if they will try to get prosecutors after the leakers (who must remain anon)


 No.1023208>>1023209 >>1023278

>>1023093

Could you talk to your people in the industry, and devilishly conspire to at some point release the source in some spectacular way that will attract much attention and ire from grsec?

Do you think they will say it's illegal? I wonder if they will try to get prosecutors after the leakers (who must remain anon)


 No.1023209>>1023234


 No.1023234>>1023247

>>1023209

I think this explains it, my dude:


This page (https://media.8ch.net/file_store/9335c699581dc9edde6de0e02571522a98bfcc5e656c872959b997ab6baff46d.jpg) is currently offline. However, because the site uses Cuckflare's cianigger MITM™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by Cloudflare | Hide this Alert 503 Service Temporarily Unavailable


 No.1023247>>1023256

>>1023234

>clearnet niggers

The tor site doesn't use cloudflare


 No.1023256>>1023263

>>1023247

I don't care, I'm not filling out Tor captchas.


 No.1023263>>1023267

>>1023256

Tor site doesn't have any captchas.

Can't upload files tho.


 No.1023267>>1023270

>>1023263

Sometimes it does, sometimes it doesn't. Regardless it isn't 1 captcha per post, it's one per five posts which isn't too bad


 No.1023270

>>1023267

Never has captchas here.

Turn off javascript.


 No.1023274

test


 No.1023278>>1023279

>>1023208

Well, according to their contract, and the GPL, someone who shares is free to do so. BUT, your contract with them would be canceled. Anyways, like I said, it's a friend of a friend thing. I personally feel that 200 is a ripoff, and my pal's team does too, seeing as I said, they harden the RHEL kernel in-house.


 No.1023279

>>1023278

addendum, I put "200" because that was the price that came to mind. From what I've seen, they do price on a case by case basis. 200 was just the price for the stable patches back when the testing ones were out, afaik


 No.1023736>>1023754 >>1024079

The grsecurity team can rescind their GPLv2 at any time since the latest versions are currently available only through paid subscriptions.


 No.1023754>>1024079 >>1024080

>>1023736

They can stop releasing the code under the GPL2 whenever they want. The people that are already licensed are fine though, and I can get it from them.


 No.1024079>>1024099 >>1035659

>>1023736

Under US law this is correct. A gratis license is revocable.

(not so under other countries' laws)

There's a sticking point tho: they're a derivative work of a GPL'd work.

A revocation by them... does it trigger "automatic revocation" by the license. Maybe. Would the linux-kernel copyright owners "manually" revoke from GRsec. Maybe also.

>>1023754

Practically yes, however the GPL can be revoked from non-paying people, just like any bare license with no interest attached to it (you didn't pay).

Remember: Free Software is a concept, created and upheld by /The People/. Not US law.

GRSec has already said fuck you to /The People/.

Might as well go all the way.


 No.1024080>>1024099

>>1023754

psst, can you pirate that shit yo?


 No.1024099>>1024585 >>1035659

>>1024080

>>1024079

Lol you just gonna shill in every single thread with your pseudolegal sov citizen bullshit?

Name even one case of the GPL being revoked on a whim and the court upholding it. Protip: you can't.

And even in some fantasy land where it was true, fuck you i'm pirating it just like any other media.


 No.1024527

>>1023087

>>> Are you a lawyer,

>>Yes (also a programmer)

You must be really shitty at both then.


 No.1024585>>1024904 >>1024905

>>1024099

>Name even one case of the GPL being revoked on a whim and the court upholding it. Protip: you can't.

The amount of times the GPL has been part of a court case in the US can be counted on one hand.

I wonder why that is..

It is because 1) the devs do it for free (and cannot afford lawyers)

2) The devs are completely ignorant of the law and simply believe what they are told by other devs.

3) The devs don't even read the memorandums they use.

4) the "free software legal defense" organizations are very careful what cases they bring and what arguments they make. They know that under US law a gratis license is revocable. The FSF requires contributors to sign over their copyrights for a reason.

5) the distros did comply with the ATSC capture and edit tool GPL revocation, because they did not want to be sued. The law was and is on the side of author. They complied quietly, and mocked the author, but they complied. You won't find that old code around anymore.

The GPL is barely ever litigated in the US, Opensource is barely ever litigated in the US.

Just because there are no cases yet DOES NOT MEAN anything.

There is such a case as a case of first impression.

>And even in some fantasy land where it was true, fuck you i'm pirating it just like any other media.

=

>U have no case.

>But I don't follow the law anyway.

I do have a case, and you will catch one if you are one of the people I have revoked the license from and defy my writ.


 No.1024904

>>1024585

>I do have a case, and you will catch one if you are one of the people I have revoked the license from and defy my writ.

Do it faggot. Make our day.


 No.1024905

>>1024585

how is the weed farm going nannymoose


 No.1034431

The official grsecurity blog and forum are dead as a result of going into the shadows.


 No.1034435

isnt the unstable version still available if you really want it or did they remove that too


 No.1034438>>1035629

>>1023206

you can distribute the code that you have but they can stop giving you updates to it if they want


 No.1035629>>1035659 >>1036201

>>1034438

The way they accomplish this is an additional restrictive term, forbidden by the terms of the original work they made their derivative work off of.

You can claim whatever you fucking want, but "DO NOT REDISTRIBUTE OR WE PUNISH YOU, NO REFUNDS, WE KEEP MONEY" _is_ an additional restriction over and above the original work's terms.

It _IS_ a copyright infringement.

Of course the linux programmers could revoke for any reason whatsoever since it's just a bare license and not a contract (Spengler paid Lin-team nothing. No: hate and derision from both sides is not consideration).

They won't even fight blatant violations, in writing.


 No.1035659>>1035950 >>1038102

>>1022480

what was once good isn't necessarily good today or in the future, retard.

>it's no scam

yes it is. stop pretending that this is okay.

>>1022484

>implying alpine and gentoo are niggerlicious

>>1022524

>>1022565

but that isn't an excuse for the existing security issues in Loonix

>>1022552

the reason why Linux is awful is that it's getting more and more bloated, and that companies have more and more power over Linux.

>>1022565

get >>>/out/

>>1022785

>>1022847

(((Adam))) just wants to shut it down, you stupid goy!

>>1022771

>They suck

no u

SElinux sucks because it's just too complicated to use.

>>1022839

why wouldn't I just use Apparmor instead of SElinux??

>>1024079

>>1024099

>>1035629

could you

learn to format

your posts better? (it's hard to read your posts because of reddit spacing)


 No.1035663

>>1022799

>>1022839

Both selinux and the "framework" that sits above it (why is red hat so brainless, always adding more bloat, they only know how to bloat things more it seems) are bloat and filled with (((backdoors from nsa etc.))).


 No.1035950>>1038107

>>1035659

A scam implies deception about what's happening in the transaction. There is no deception, everything that happens is clear for all customers to see. It is not a scam.


 No.1036153

>>1023012

https://github.com/jameshilliard/linux-grsec

not sure what this is but it's unmaintained, old, untrusted and

it might lack spectre fixes compared to latest 4.4.x


 No.1036201>>1038085

>>1035629

>You can claim whatever you fucking want, but "DO NOT REDISTRIBUTE OR

I WILL NOT INVITE YOU TO ANY MORE OF MY DINNER PARTIES

AND IF YOU ASK FOR THE HAND OF MY LITTLE SISTER IN MARRIAGE I WILL REFUSE ALL BLESSINGS

AND IF YOU WERE ON FIRE I WOULD PISS ON YOU TO PUT IT OUT BUT I WOULD BE MEAN ABOUT IT AND WOULD SOMETIMES LOUDLY SPEAK ABOUT PISSING ON YOU AT PUBLIC EVENTS"

> _is_ an additional restriction over and above the original work's terms.

yeah but the GPL doesn't bind me to be quiet about the pissing thing, dude.


 No.1038085

>>1036201

>I WILL NOT INVITE YOU TO ANY MORE OF MY DINNER PARTIES

Wha, What? You are saying I cannot use your property forever once you invited me in once?

No no no! You cannot Rescind()!

As you know, once you extend a license to me, for free (of course), to enter your property, I hold that license forever!


 No.1038086

New legal theory: Is this a true statement (No: hate and derision from both sides is not consideration)

I mean, white programmers /enjoy/ slicing their penis and balls off... they pay for the privilege, 1000's of dollars. Are we /sure/ hate and derision is not a valid form of consideration????


 No.1038101

>>1022552

The kernel is a clusterfuck, how can the patch be any better? It can't, it has to conform to the kernel.. architecture (not that the kernel was "designed" in any way...)

They did put themselves in legal jeopardy, the guy probably wants some money so he can fuck bitches though.. everyone eventually gives in. At any time the kernel team could have applied the patch and made him and PaxTeam (I guess the 1 guy plus an army of angels?) the security czar of linux. Everything was disable-able so you didn't have to have any slowdowns if you love that 3 to 5 percent more performance and zero security.


 No.1038102>>1038231

>>1035659

> >it's no scam

>yes it is. stop pretending that this is okay.

The patch does what it says it does. That part isn't a scam.

They are committing open and blatant copyright infringement, and suing Bruce Perens to stop Bruce Perens from parroting what MikeeUSA wrote on the mailing list (oh, sorry, "A concerned Foss Developer", not mikeeusa, no siree).

They have it in writing.

But.. that is not a scam. It's just illegal.


 No.1038107

>>1035950

Spengler knows the lin team won't sue.

He also knows he's violating the term outright, and in writing, but he _knows_ the lin team won't sue him.

It's a calculated risk.

There is no fraud here though, just (C) infringement and a fuck you attitude towards the kernel team: the same attitude they give him.


 No.1038231>>1038353 >>1038355

>>1038102

>The patch does what it says it does.

How do you know/verify this?

Who audits the claims?


 No.1038353

>>1038231

<PROOFS PROOFS PROOFS, 15 years of PROOFS IS NOT ENOUGH

Those trying to break it.

You can also try it yourself. You know how to compile exploit code anon, right?


 No.1038355

>>1038231

It's like you just learned of GRSec and PaX yesterday.

>It's all LIES, SNAKE OIL, THERE'S NO PATCH, FAKE!

F _ U _ C _ K.. Fuck you.

Google is your friend.

Or you could have lived the rise and fall of the hacker OS.

But no, you're just some fuck.


 No.1038513>>1043955

<google is your friend

Glow detected


 No.1043955

>>1038513

<Look up the PROOFS for me

<.T some pro-women's rights anti-marry-girl-children heretic piece of shit that should be dead.


 No.1053561

HAPAS ARE SUPERIOR TO WHITES


 No.1053671

>all these anons wondering why someone hasn't hacked the grsec website for the patchset

Because they are using grsec, the golden standard for linux security, duh. Zerodays won't work if the kernel just kills it with fire via RBAC as soon as the zeroday is used.

>all these anons wanting legal action

No legal action will be taken because both the linux kernel team and spengler are under secret court orders to ruin their respective patches/kernels.

>all the anons wanting leaks

There won't be any leaks because the big corps using it, amazon/google/nsa/facebook/etc have a dedicated mossad team handling it.

Also to all you fags still using the grsec patchset there was a bug that is now a backdoor in the old 2017 patchset because of a bug spengler admitted existed in it within his blogpost shit. So stop using it and use the shit linux kernel with the forward ported features which is still exploitable shit.


 No.1056418

Fucking slide threads everywhere


 No.1056568

Holy fuck what is going on in this thread



