Linux infosec outfit does a Torvalds, rageblocks innocent vuln spotter An open source security firm has blocked a security researcher who reported flaws in a recently issued patch in an apparent fit of pique. Hector Martin took to Twitter on Tuesday to note a trivial crashing vulnerability in a recently issued patch by Grsecurity. “I literally crashed my box by pasting a bunch of text into a …
>It's because he's famous for this kind of dickish behaviour.
Has Linus blocked anyone from the LKML for pointing out an issue? I don't think he even has the power to do that. The closest thing Linus has done is say he won't accept patches from people that keep sending him crap until they get their act together and that's a real stretch.
p.s. don't believe everything you read on the register about Linus. They have been known to stretch the truth too far and outright have no idea what they are talking about.
> It's because he's famous for this kind of dickish behaviour.
Only if you read idiotic red-top blogs such as this one¹. In reality, he's a pretty personable bloke with the people skills you would expect from a project manager for the biggest software project in history.
¹ Sadly, every other vaguely IT news source seems to be American, which presents a bit of a cultural challenge for me. But if anyone can recommend any other right-pondian IT publications, I'd be indebted. Not too right-pondian though! I can decipher Russian with some difficulty but anything East of that poses a problem.
So, grsecurity make money (I presume) by pointing out holes in others security, but grsecurity don't like it when fellow security people point out flaws in grsecurity's security software.
So grsecurity react to a hole in grsecuritys software by banning anyone that mentions the issue in grsecurity's software?
Way to go grsecurity.
I may just pop over to twitter, mention the grsecurity issue and tag in @grsecurity, to get grsecuirty to ban me, although after this, something tells me I wouldn't trust grsecurity with my security.
Streisand effect anyone?
> So, grsecurity make money (I presume) by pointing out holes in others security
You presume wrong I'm afraid. GRSecurity write kernel-hardening patches which plug/mitigate security holes in other software. They pretty much invented many security features which are now standard in many operating systems, such as ASLR and DEP.
Rightly or wrongly, they took offence at someone's high-horse report of a minor albeit stupid bug in one of their recent patches.
@grsecurity is now "protected". Which means they're throwing an even worse tantrum than the one reported here. Check it out!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
