Yes, this was a petty pissing match. However, responding to criticism by IP blocking him, and then blocking anyone on twitter who faves/retweets it is just ridiculous.
Responding to criticism of a patch by blocking a user feels just...childish. Doubling down on that childishness by first blocking anyone on twitter who likes/faves that tweet, and then by switching your twitter account to protected feels even more childish. The Grsecurity team needs to calm down here, because they aren't giving an appearance of a professional team with exchanges like this.
Being respected for what they do bring (the best Linux kernel hardening patches and support tools); not being a jackass or treating them like jackasses when stuff like this turns up; not moaning about it and acting all fingerwavy when fixes are ready queued up; and about ending the poor financial support. It would really help if the bigcorps and professional users of this extremely usefus patchset help out financially.
The security field comes with many bloated egos, jerks and big heads and in my opinion blocking is a great way of hardening. Not childish by the least.
Grsecurity needs and deserves to be financially supported. If anyone who reads this is in a position to do so (I am not), please consider supporting the team's hard work and the ability to use their (free) product that helps your infastructure to stay safe.
Could you elaborate? It doesn't seem immature to me. From what I can see he has good reasons to think that the grsec kenrnel is not something you want to use in production.
16 comments
[ 4.3 ms ] story [ 39.7 ms ] threadWow.
https://forums.grsecurity.net/viewtopic.php?f=3&t=4342
"New test patch up with improved protection against irrelevant infosec anklebiters"
from their now protected twitter account.
The security field comes with many bloated egos, jerks and big heads and in my opinion blocking is a great way of hardening. Not childish by the least.
Grsecurity needs and deserves to be financially supported. If anyone who reads this is in a position to do so (I am not), please consider supporting the team's hard work and the ability to use their (free) product that helps your infastructure to stay safe.
"Starting to think that the @grsecurity kernel is not suitable for prod. First SIZE_OVERFLOW false +s, now panic due to a bug they introduced"
https://twitter.com/marcan42/status/724740708104474626