The email thread continues. Linus later responded with:<p>>No, but I'm not a lawyer, so I'm not going to go into the details that
I - and other maintainers - were told by lawyers.
>I'm also not going to start discussing legal issues with random
internet people who I seriously suspect are paid actors and/or have
been riled up by them.<p>Which I find pretty concerning statements, quite a disservice to the community. It's a global community, and here the maintainers take some action without explanation. They don't even have a communiqué at hand to tell people what this action is, why it was taken, and which alternatives were considered but rejected. This is the bare minimum that I expect of the maintainers of a piece of software that is very critical to many millions of systems worldwide.
Counting on the goodwill of users is not acceptable for an operating system that underpins the security of people's computers.
If you scroll down on the thread linked, someone mentions the reason isn't that the developers are Russian, but because their employers in Russia are sanctioned companies.<p>I don't know if that's accurate, but seems feasible. If so I'm 100% behind it.<p>It'd be nice to know the exact reasoning for this, rather than just see a commit without any context of why they're being removed. I'm pretty sure we'll know in due time.
Not a good idea for Linux to get involved in geopolitical drama.<p>Any self-respecting maintainer will not come back after this.<p>Linux might have a lot of developers, but has a hard time finding and retaining maintainers.<p>This is not a good development.
Probably the best thing that can happen to the kernel... this type of measure generally backfires spectacularly by giving talent the opportunity to thrive, if anything as a way to fight back against injustice and arbitrary decisions, or for sanctioned opposition to invest in resilience by dumping more money in things otherwise not consider a priority. I always thought Argentine music from the 80's and early 90s was legendary, and this stems from a post-Falklands war, self-inflicted sanction against anglo music... regional bands thrived and created gems that even today can be appreciated as masterpieces...
Apparently (quelle surprise) Linus is getting swarmed by Russian trolls like a US swing-state voter. From <a href="https://www.phoronix.com/news/Linus-Torvalds-Russian-Devs" rel="nofollow">https://www.phoronix.com/news/Linus-Torvalds-Russian-Devs</a><p><i>Ok, lots of Russian trolls out and about. It's entirely clear why the change was done, it's not getting reverted, and using multiple random anonymous accounts to try to "grass root" it by Russian troll factories isn't going to change anything. And FYI for the actual innocent bystanders who aren't troll farm accounts - the "various compliance requirements" are not just a US thing.</i><p><i>If you haven't heard of Russian sanctions yet, you should try to read the news some day. And by "news," I don't mean Russian state-sponsored spam. As to sending me a revert patch - please use whatever mush you call brains. I'm Finnish. Did you think I'd be _supporting_ Russian aggression? Apparently it's not just lack of real news, it's lack of history knowledge too.</i>
Sounds like overreach by a company that is heavily invested in Linux as a base for its products, and is having a difficult time with US trade regulations.<p>Its pandering. I hope these developers petition to be added back.
Have to say that a lot of hacker news contributors really show their colors around events like this. This is a completely good thing to do and well past due.
How convoluted, insidious, and camouflaged can a hidden backdoor or exploitable intentional defect be?<p>If hacking or subversion is possible, it has been tried and will be again. If anyone is going to try it, chances are Putin's people will.<p>It's by far the sneakiest, most advanced cheating and infiltration apparatus humanity has ever known. It inherited a large "meddling war chest" from the Soviet Union, then invested heavily into it for 25 years. The Internet increased its opportunities a million-fold. Its semitransparent tentacles are now embedded into nearly every consequential organization on the planet.<p>Consider the xz episode as a baseline. It was fairly sneaky, but it was introduced by a newcomer to the project and affected mostly existing code. A more elaborate exploit might be submitted with a new feature by an established maintainer.
This could get messy in other projects, depending where this rule came from.
I know there are .ru maintainers in at least one other ; and what about distros?
It is wrong - plain and simple.
It is no different to racism.
As for Linus comments,
it is really surprising how many proper idiots working in IT industry.
It was not like that before..
Not long ago, simply reading Linux magazine was considered a terrorism.
Not sure this is really what anyone had in mind when sanctioning Russia? The maintainers probably aren't pleased but can't see a direct route from there to Putin's opinion of the war in Ukraine.
This was a very bad move by the Linux foundation. They should get new lawyers. Linux development should probably be moved outside of wartime/unstable jurisdictions like the US.
Can we please get a fraction of the resources currently put into Linux kernel development and start developing a robust userland ecosystem for SeL4?<p>Microkernels in general already mitigate the possible damage that could be done by rogue code in large monolithic kernels. A formally verified microkernel like SeL4 is an even better guarantee. And performance concerns of microkernels are practically solved at this point.<p>These sorts of nation-state sponsored malicious code practices could be made mostly irrelevant. We just need a little momentum to get us there.