Comments on: This Week in Security: The Geopolitical Kernel, Roundcube, and The Archive https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/ Fresh hacks every day Tue, 29 Oct 2024 16:18:42 +0000 hourly 1 https://wordpress.org/?v=6.6.2 By: x0rpunk https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8056043 Tue, 29 Oct 2024 16:18:42 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8056043 I just get amused by people who think public disclosure about the state of quantum computing is going to be current whether from the private sector or “public” sector..

NSA, DGSE, SVR, and MSS will probably be implementing attacks with it at least a decade before it’s even remotely disclosed.. FIPS 203/204/205 also won’t be much use if you’re still using EdDSA

]]>
By: Jonathan Bennett https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8056018 Tue, 29 Oct 2024 15:11:49 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8056018 In reply to ASAF.

I actually see this as a problem a lot of organizations have. After a controversial decision, people come out of the woodwork to criticize. Rather than accept criticism, the org dismisses it as brigading, bots, trolls, etc. Those things do happen, and it’s sometimes difficult to tell the real from the manufactured. To Torvalds’ credit, he did call out the legitimate people that were concerned, and responded to the concern.

]]>
By: combinatorylogic https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8055479 Mon, 28 Oct 2024 10:42:25 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8055479 In reply to Gravis.

Are you talking about those Boeing whistleblowers? US government is using mob methods indeed.

]]>
By: cmholm https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8054949 Sun, 27 Oct 2024 00:01:02 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8054949 Re the Linux Maintainers list, I’m reading the results correctly, only certain names and email addresses needed to be removed, not code… although there’s the complication that US sanctions against Russia include economic goods (“contributions”) from those employed by. sanctioned companies (ie. Baikal Electronics). A nice summary has been posted on Stack Exchange: https://opensource.stackexchange.com/a/15127

]]>
By: ASAF https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8054931 Sat, 26 Oct 2024 23:07:44 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8054931 In reply to Bob.

Yeah clearly anyone who criticized Torvalds stupid comments on this issue is a Russian troll /s

]]>
By: Foldi-One https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8054641 Sat, 26 Oct 2024 11:02:38 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8054641 In reply to John.

So much of any opensource project is the community – you can’t really have anonymous in a way that actually is a good defence against a nation state level of resources and still be open to expanding the community and building the trust.

So yeah I think this is probably the right move under the circumstances, nobody under the thumb of a dictator who is actively crushing the freedoms of his own people, the same freedom opensource rather requires should be let in – you can’t really trust ‘their’ contributions even if you do trust them as an individual having met at many conferences or something in the before times. Though as the USA looks like it might be on the way to having their own dictator…

]]>
By: Bob https://hackaday.com/2024/10/25/this-week-in-security-the-geopolitical-kernel-roundcube-and-the-archive/#comment-8054573 Sat, 26 Oct 2024 06:28:29 +0000 https://hackaday.com/?p=729752&preview=true&preview_id=729752#comment-8054573 In reply to Gravis.

You can tell russia is already riled up with the sheer number of astroturf trollfarm accounts that came out of the woodwork and flooded torvald’s inbox, the lkml, and the comment section every major linux outlet covering it (eg. phoronix). According to Torvalds they even had the gal to send him reversion patches directly.

]]>