Comments by "" (@grokitall) on "Brodie Robertson" channel.

  1. The fundamental issue here is that you have an important maintainer (linus) slightly advocating for rust for linux, and blocking c only code which breaks the rust build, and a less important maintainer (christoph) basically saying he wants to burn that whole project to the ground. This basic incompatibility affects the basic survival of not just the rust for linux project, but also those c coders who for reasons compile the kernel with the rust flag set to off. Calling for a definitive answer to what the truth is is a long overdue request, and the faliure of linus ang greg to address that issue will continue to cause problems until it is resolved. As was said in the thread, it is a basic survival issue for the rust for linux project, and for those getting their c code bounced for rust incompatibility. Stating that in the end, the only solution in the absence of such an answer from linus is to try and submit directly to linus and get the answer that way is basically just stating the truth about how to deal with a maintainer who is just obstructing code for personal reasons. Given that the maintainer has publically stated he would like to burn the entire project to the ground, when breaking code in the project is already getting c code patches bounced, it just strikes me that refering this to the code of conduct guys seems fairly obvious, as this level of hostility towards other contributers, the late nacking for non technical reasons, and so on seem like the sort of thing they should have an opinion on if they are to be of any relevance. While there are valid issues about the inclusion of rust code, that is not what is happening here. It is not about the quality of rust code in the kernel, but the existence of such code, which by now seems to at least have implicit support from linus. The technical question of not having the wrapper duplicated in every driver is basic programming, and the undesirability of this has been accepted practice for well over a decade. Having such code exist was responded to by christoph basically telling the contributer to go pound sand, rather than giving a constructive suggestion as to an alternative location which would be acceptable. Almost nobody came out of this looking good. The maintainer got away with being toxic about a decision which in theory at least seems to have already been made by linus. The code of conduct guys got away with ignoring at the very least a request as to if the behaviour of the maintainer was in scope for them to consider. Linus and greg got away with refusing to address the core question of what is the status of rust code in the kernel. Either it is a first class citizen, and christoph should not be blocking it, or it is not, and linus should not be blocking pure c code for breaking it. You can't have it both ways.
    69
  2. everyone is missing one simple point, the rust binding maintainers are basically trying to force the c maintainers to turn every private api call they want to use into a future proofed public api, and the c maintainers are basically saying no, by choosing to use a different language you get to do the fixes if the private api changes, which it can because it is private. this is not about documentation, but about rust requiring stability guarantees for private apis which don't exist in any large code base, then complaining that the maintainers won't turn every api into a public api.
    53
  3. The biggest problem i have spotted is distribution managers who can't do the job, especially when package managers go off on their own thing. This happened on red hat when pottering decided to hijack the debugging flag from kernel developers. This is happening on debian with the idiot breaking userspace with package name choices. There are lots of other examples where the managers should step in an tell them off, but won't do it. I have yet to spot an example of maintainer overreach that has not been ignored by their managers.
    16
  4. all the rust advocates are missing the point. what they are basically demanding from the maintainers is that they do all of the work to turn any private api in the c code into a public api with stable semantics just so that the rust developers can use it, but that is not how big projects work. any big project will have a relatively small and stable public api, with everything else hidden in the private api and subject to change. moving anything into the public api comes with huge maintainence costs and development costs, which is a pain point for maintainers, so they resist doing it. by using a different language, even when in the tree, the code acts like it is out of tree when it comes to refactoring or modifying the private api. this means the rust binding maintainers get to enjoy the costs which go with this, but they want to force it on the c code maintainers instead. they also want the c code maintainers to provide additional future proofed semantics for these private apis, but that is not how the private apis of large projects work.
    14
  5. ​ @darukutsu what happened is that it is owned by Oracle, who like to sue, and do not like to change course. So you can't get them to put it under a compatible license, and even a complete rewrite from scratch is not safe from litigation, as seen by the drama over the Android usage of a subset of the java apis and register based jvm which is needed for mobile and Oracle still don't have. These were all written from scratch, and they still sued, so linus and the kernel lawyers basically say it is an out of tree fs until Oracle makes a move as they cannot take the risk.
    12
  6. this is the y2k / centos 8 mentality. in this scenario you get 3 choices. 1, start fixing your snowflake code early, and suffer low levels of pain for a long time. 2, leave it till the last minute, and scramble around with lots of pain and expense. 3, wait till the environment breaks, then have to fix it in panic mode when you might not be able to do it before it kills the company. too many places default towards 3 simply because they can delay it another quarter of a year, until they realise they can't.
    11
  7.  @BrunodeSouzaLino  the issue is not obfuscated, but that c encodes some information as spread out code, while the rust type system gathers it all together in the function header, which they claim is superior. this means that because they are binding from c they have to put in the work to find out where it lives, but they expect the c maintainers to do it for them, claiming it is just asking them to document the semantics. it is analogous to asking them to take procedural code and duplicate it in a logic programming system, as it is just documenting the business logic.
    10
  8. looks a lot like rust in the kernel, not playing well with others. the solution for both is simple. do the work by themselves outside the mainline, and as bits stabilise or need to update other parts of the kernel you get someone who can play nice specifically to work on getting that code from where it works and is stable to where it is in a shape that upstream is happy with. thats how the real-time branch got upstreamed, so it can work just as well for rust and bcachefs.
    10
  9. Live patching has its uses, but most problems can be run as sharded clusters, where you take one shard out of service, update, and reboot, then do the same for the next one. This preserves system uptime, but not machine uptime. The problem with live patching is that you end up with long running code still running the old library version except when you patch the kernel.
    10
  10. ​ @mmstick a lot of people here are missing the point. what the rust binding maintainers are asking for is not to document the code, but to turn any internal private api component into a future proofed public api component with all the costs involved, just so that the rust bindings won't break in the future. every large project has a large percentage of its code as internal private apis which are subject to breakage when needed, only constrained to fixing the mainline code you broke when it changes. this is how big projects work. the rust developers basically are ignoring this fact, and trying to get the c developers to do lots of additional work just so that it does not break the rust code in the future. if you want your rust code to use the private apis in your bindings, you cannot expect the same semantics as for public apis, so you get to pay the price for using those private apis.
    10
  11.  @KoopstaKlicca  they are two sides of the same coin. in the case of kent and his codevelopers it is exactly as you describe. in the case of rust in the kernel, there is a set of work to be done, and major disputes as to the cost and who is going to pay it, with the rust developers thinking it is minimal and wanting the maintainers to pay, while the maintainers think it is significant, and want the rust guys to do it. in both cases it is some project which on the kernel scale is relatively minor thinking that most of the playing well with others should be done by the kernel maintainers adapting to the needs of their project, with the maintainers resisting. note: i am not saying all the rust in the kernel developers are like this, just enough of them to be harming their own case.
    9
  12. obviously you did not watch the video you are commenting on, where it clearly stated that alma actively support an architecture not supported by red hat
    5
  13. ​ @anonymousalexander6005 that is not quite accurate. the problem with putting the drivers in a different ring than the core kernel code is that it comes with exactly the same costs and benefits as putting them in user space. it gives you a level of isolation which lets you crash the driver without crashing the kernel, but it comes with the cost of the massive context shift every time you need to talk across the boundary, with lots of talking across that boundary. it is the inability to solve these problems in a way that does not also improve monolithic kernels which prevented microkernels from gaining significant traction for mainstream operating systems.
    4
  14. one of the main reasons for the dislike of systemd is the mentality of the developers, starting with leonard and continuing through his fanboys. first, he identifies potentially valid problems. he did this with avahi, with pulseaudio and then with systemd. then he get the bit he is working on to be "dev complete", where it works on his machine (in a way that is deliberately incompatable with the alternatives) , and doesn't care if it works on anyone elses machine, and relies on his fanboys to get it to work on anything else, while he completely loses interest in it. this bit is then excused as being optional, and thus it doesn't matter that is incompatable, until one of the higher levels of stuff has a hard dependency on it, and suddenly the alternatives are squeezed out of the mainstream ecosystem, making it harder to remove it when it needs replacing. also, when they do something that causes problems for some other project, well that is ok, because we won't fix it because it in our code. these and other behaviours are just some of the reasons that people don't trust the systemd developers and the fact that redhat has not made any efforts to tone down these bad behaviours is why people don't trust redhat about systemd
    4
  15.  @kirglow4639  except for the fact that the "simple semantic information" that they are asking the maintainers to hunt up and provide is encoded as c code spread over a number of locations throughout the code base, and they are too lazy to just go and loo, it up themselves or write a parsing tool to go find it for them because doing so would be too much like hard work, and the provided information would only be needed by rust binding maintainers. the sense of entitlement or ignorance in the rust community to want maintainers of c code to do an amount of work which is the equivalent of requiring them to convert functions between iterative and recursive implementations, just because the rust maintainers need to encode it differently is quite silly. if it is as easy as the rust fanatics claim, why can't they be bothered to do it themselves, ot write a simple tool to do it for them. if it isn't, then why do they try and insist that it is an irrelevantly small amount of work for the c maintainers? it is because it is a non trivial amount of work that they are getting push back from the c maintainers.
    4
  16.  @kirglow4639  except they are not trying to do it with c++, with the nicer object and class encapsulations which would make these things simpler, but are trying to get the c maintainers to do it from a language where it is spread out over a significant amount of code. even worse, they are trying to force those same overworked maintainers to learn enough rust to take over the maintainence of the rust bindings for what to them is out of tree code due to being in a different language. the sort of level of documentation they are asking for is what happens at the stable public api, which is why i say that they are trying to force that on the c maintainers. if it is as quick and easy to create as the rust maintainers claim, then the cost to them of having to look it up themselves should be as little as they claim it will be for the c maintainers who don't need it.
    4
  17.  @tfemby  just because it is working c code, does not make it good code, and even good code is possibly not done in the best way to be compatible. i can think of a number of patch sets written in c which had further work done on top of them out of tree, where it took up to 20 reworks to get to the point where it was right and good enough to merge, and even then they had to then start working to get the extra stuff they built on top upstreamed. just because you wrote something that you think is great (and you might even be right) does not give you the automatic right to have it merged into someone else's project. the real time kernel work was out of tree for 20 years, working to move code from their patched fork into the main line, and every small patch that made it in made the fork easier to maintain. but it did take time and rework to get it in. this is a point kent at bcachefs does not seem to get, and he expects every change to just be accepted right away, turning main line into an experimental kernel, which is why he has the current problems.
    4
  18. python 2 to python 3 has the issue that it makes breaking changes, so the old code won't work anymore. most language updates just release a new version which is a superset of the old version, so they don't have this problem the other way this is avoided is how adding oop to c did it, where there were enough differences to make it a new language, but with minor code tweaks for the compiler, it could still use the old code. this is how we got c, c++ and objective c. python did neither, hence the mess. add to that big monolithic codebases, and the usual y2k ish procrastination, and we get to where we are today.
    4
  19.  @guiorgy  yes they could do it tomorrow, but the point is that they have not done so. Also, remember that a lot of these companies are now run by accountants, who upon seeing the money signs from the lawyers, do not bother looking at the costs if it goes wrong. Mostly it is not about making a balanced judgement call, if it was the sgi vs the world case would not have gone ahead, and neither would the Oracle vs Google case.
    3
  20. This is the actual reason for the regulation. Unlike the us, the EU recognises that climate change is a thing, and that most power is currently generated from fossil fuels. The best way and the cheapest is to not waste the power in the first place. Using a TV as an example, cheap tvs used to just turn off the tube when you put it on standby, wheras expensive ones did it properly, leaving just the remote control unit turned on, so it could turn the TV back on. The difference in power usage could sometimes be as high as 80% of the peak usage when using the TV, which is a lot of wasted power you have to generate. The same types of mistake were made with multiple generations of devices, including satellite TV boxes, fridges, home automation tech, etc, and to fix this they made this series of regulations basically saying that when you don't need to be wasting power, you should not do it if you do not need to. The issue with the kde and gnome suspend flag seems to come from conflating 2 different use cases under the same flag. The first case is the one relating to power usage and sleep, hibernate and power off. The default should be to reduce power usage when it is not needed, but is currently used as a flag to turn autosuspend on and off. The second use case is where no matter what you are doing, you need to force power off due to running low on battery power. This applies both to laptops and to any desktop or server running with a decent ups, and gradually degrading functionality can extend the time needed until forced shutdown is needed. An example would be to disable windows whole drive indexing on battery power, thus extending battery life. This second use case should have the default be forced shutdown for laptops and for desktops and servers on battery power, and is irrelevant to both on mains power. By conflating the 2 different use cases, you just end up with the currently broken understanding of what the flag should do, and the related arguments about the defaults.
    3
  21.  @kirglow4639  i don't dispute that the description i give does not apply to all of the rust team, only to too much of it, and even more so to the wider rust community. it is this lack of understanding of the level of work involved by the wider community, and their toxicity at getting push back which i am calling out. also there are a toxic subset of developers who do fit the problem child model i pointed out, and the rest of the rust community have either been conspicuous by their absence when these people are called out, or completely miss the points being raised against them and come back with resposes that while pointing out valid good points fail to address the issues actually raised. a simple example of this is when the author of bcachefs was called out for ignoring how the timings of the kernel development process worked, most rust developers were silent, and the few who could be bothered to comment ignored the issues raised and either were just saying that the code was brilliant because it was in rust, or that the work the developer was doing was great, neither of which had anything to do with why the guy got called out in the first place. if your community fails to accept that when building on top of other peoples work you need to learn how to play well with others, it is hardly surprising when that toxic community is not looked upon favourably by those other people.
    3
  22.  @kirglow4639  so you are saying the bcachefs maintainer did not do a large code dump of new code extremely late in the release cycle, causing him to get called out by linus, and that lots of rust people came out against him and in support of linus? or what about the rust in linux maintainer who quit, because while the real work was great, the political garbage was not worth putting up with, and the rust community was not helping fight back against it? what about all the people in the threads around multiple videos here claiming that despite not being rust programmers, the c kernel maintainers should just go into the rust binding and fix them just like they do with the c code they actually write? not to mention all of the people who say gathering the lifetime information is so trivial that it is not worth them doing it themselves, because it is only documentation, even though that information is not needed in c and takes quite a bit of time to collect? or how about the vitriol poured on ted tso for pointing out that at kernel scale, the rust code is a minority use case, and most of the work will continue to be done on the c code, which might break the rust code as it will not be part of the stable apis, and that the rust coders will need to fix it because most of the c maintainers don't write rust? all of these and more crop up repeatedly in these threads, but not a single voice from the rust side ever speaks up to say that the c maintainers might have valid points, or that the hard core rust advocates might be being less than fair to the c maintainers. this is not setting up a straw man, just observing that the rust community in these threads when seeing a problem with adding third party rust code to the c kernel seem to expect the c maintainers to do all of the work, even when they don't know rust and the things they want are not something that matters in c, and then seem surprised when the c maintainers quite reasonably say that they don't write rust, and that what they are asking for is a non trivial amount of work.
    3
  23.  @kirglow4639  i won't ask you to cover any points about most of the cases, but if you have any knowledge of any comment by any rust contributer who thinks that the bcachefs developer doing a huge dump of new code right at the end of the merge window is anything but perfectly fine, i would be pleased to hear about it. as to lifetimes, documentation, and api changes, the problem is that the rust community is approaching them from only a rust perspective. lifetimes are only of interest to rust programmers and compiler writers, so it is not really a c thing. the documentation being asked for is largely for how the rust semantics would work with the c code, so again their is a fairly significant mismatch. api changes in c are generally looked down on, and the level of resistance is proportional to the number of callers in the surrounding code. the more callers the less the desire to change the code. however then general method to do api changes in c is first to point out what the problems are in the existing code and why in a convincing manner, then to come up with a better api which can be wrapped by the existing api so that the existing code still works and does not need changing all at once, and then be better enough that other users find it preferable to the prior api and use it instead. this does not seem from the comments i have seen to be the way the rust developers try and get improved apis. note: i am not saying that the apis could not be better, or that the documentation could not be improved, or that extra tests could not be written to make how the existing apis are supposed to work clearer, only that from what i have seen the rust developers do not seem to be engaging with the c developers in the way that the c conventions usually have such interactions work, and if they did, it might work a lot better. after all, one of the purposes of testing is to document and clarify how the interface actually works.
    3
  24.  @kuhluhOG  yes lifetimes exist in every language, but rust seems to need them to be known at api definition time for every variable mentioned in those apis, unlike just about every other language. when you put this constraint on another language just to get your type system to work, it does not come for free. i do not doubt that it is possible to write kernel code in rust, nor do the c maintainers, in fact some people are writing a kernel in rust, and good luck to them. people are also writing code for the kernel, but when you can't even get a stable compiler to work and need to download the nightly builds to get the code to even compile (according to one of the compiler devs st a rust conference), and you need an unspecified amount of extra work to even be able to start doing work on the unstable internal apis, there naturally arises the question of how much work and who has to do it. as to the problem with the drm subsystem, i've not seen the thread, so i don't know if it was done as a discussion around "this variable is used this way here and an incompatible way there", or if they just went and fixed the more problematical one for them to work in the way that made it easier for the rust developers, and then did a big code dump with little prior discussion. if it is the second case, it is the same issue of not playing well with others except on your own terms, and the resulting problems are deserved. if it is the first, then the issue should be raised on the usual channels, and initial patches proposed, with ongoing work to figure out if those patches are the best fix to the identified problems, just like with any other c developer. i just don't have enough context to determine if it was the rust devs, the c maintainers, or both talking past each other, and thus do not have a right to an opinion on the details i do not know.
    3
  25. it should not make a major difference, as it is basically being set up to return us to the situation before the dissolution of centos. as far as i know, all significant enterprise linux offerings are based of rhel, as this was the position of red hat until recently, and why reinvent the wheel when you do not have to. as to the involvement of oracle, they are just one of the companies getting hosed by the actions of red hat, so this idea makes perfect sense for them to restore a proper upstream.
    3
  26. ​ @flamingscar5263 microsoft did backwards compatibility because they had to, not because they chose to. when the new version won't run the majority of existing code, or is a pain to use, you are stuck maintaining the old version. this is why xp hung around for so long, the replacement was both worse, and incompatible, so people just stuck with xp. the same issue is going to hit with 11 and 12, because they are full of anti features people don't want, and the increased cost of the base hardware is just not worth the antifeatures that are being forced on you.
    2
  27. i think this whole thread misses a basic point about developing large systems. in such systems you want a stable public api, and a flexible private api. this is further constrained by the in tree code, so that if you break it, you find out and fix it. with out of tree code, you have exactly the same problems you get with any long lived unmerged branch, that the ground underneath it changes over time, and like with the large snowflake block everyone is afraid to touch, it eventually gets broken because it is effectively being run as a long lived fork of the main code base. the only solution to this is to work hard to move more of the code into the mainline branch, to get all of the benefits and reduce the costs of maintaining it out of tree. this out of tree cost is further agravated for rust in that the bindings for the unstable private apis require an additional layer of future proofing semantics which the core c code does not need yet. for c (and most other languages) the idea of did that change break anything within the existing code determined at commit time is good enough, and those extra semantics the rust people want are only added as they are discovered by breaking code with the next change. the linux kernel usually does an exceptional job of providing a stable public api, but what the rust people are basically asking for is to make the private api a stable public api as well, and quite understandably the maintainers are saying that it does not make sense to do so, but feel free to do the work yourself, but don't be surprised if it breaks sometimes. to the maintainers, every piece of code not written in the core language of the project is effectively acting as out of tree code, so if you want to play in their sandbox, you get to enjoy the additional work that goes with it.
    2
  28.  @Pentium100MHz  if your car is relatively modern, it it is already computerised. The engine has a computer managing it, and most after market and a lot of built in entertainment systems run on android based embedded computers. As to your set top box shutting down during recordings, the word for that is broken. It should wake up when the recording is due to start, and stay awake during the recording, because it is doing something. However a lot of people here in the UK leave their tvs on in multiple rooms even when there is nobody there, or when they go out, and if the prompt comes up asking to verify you want to keep the TV on is not responded to, it goes into standby.
    2
  29.  @fhunter1test  the issues with "ways of avoiding it" has always been that any methods tried also improve the speed of monolithic kernels, nullifying the relative benefits. if there are any that only improve microkernels, i would be interested to find out.
    2
  30.  @rosomak8244  as the microkernel design is basically a minimal kernel with lots of microservices, it shares all of the known problems of microservices and adds so e more of its own.
    2
  31. microsoft are not in the clear on this one either, as it was crowdstrike who took the machines down, but microsoft not fixing known problems which made them require a manual reboot.
    2
  32.  @xabhax  no, but given that windows is less than 10% of their revenue now, how many lawsuits will it take before the lawyers and managers decide to just do it right the first time, rather than being dragged kicking and screaming to fix problems by the regulators. bear in mind that a lot of these software giants basically have no competition in their marketplace due to the network effect, and thus they are already under pressure from governments to do better. this includes microsoft, meta, google, etc
    2
  33. this is a non trivial task, as all major enterprise distributions have been rhel derived, so all software for enterprise uses the rhel assumption set. it does not matter if this is just assuming being rpm based, or lots more of the rhel options, every source of divergence needs to be addressed to make the code debian compatible. from a simple point of engineering, this takes both time, and actually being bothered about debian compatibility, and we currently have a bunch of rhel alternatives which do not need such major work, so third party suppliers will address those first.
    2
  34. it is worse than that, statements from the eula and red hat employees make it clear that even if you have a valid reason for having a developer license, they reserve the right to decide that even using one of the machines as a print server as part of that purpose gives the authority to decide you do not qualify, and come in and audit you for how many licenses they think they deserve paying for. this makes the value of the dev license almost zero due to future liability risks.
    2
  35. all that needs to happen for zfs to be ok in the kernel is for the other members of open ela to ship it in open ela. at that point you have an oracle backed organisation releasing the code under the gpl. this was what tripped up sco, as they were still shipping caldera linux gpl while trying to sue people for stuff in the kernel.
    2
  36.  @kirglow4639  just have a look at the threads here about the recent rust and kernel drama, and you will see plenty of examples of it. in all of the recent drama, i have literally not seen a single comment from the rust community which even hints that anyone on the rust side is not totally in the right, and anyone on the c side is not totally in the wrong. if you could assume for the sake of replying to this single comment that the examples i gave were not 100% fabricated (they were all real), the could you at least admit the possibility that the responses from the rust community could do with a better attempt to engage with the issues raised by the c community and that the responses could have been more constructive in looking for solutions?
    2
  37. the point is that you use fedora if you want red hat tooling in a non enterprise distro so you can use the same it staff to support both. the problem with red hat and their scorched earth policies towards existing classes of customers that they do not see the value of is that not only does it diminish the value of rhel, but also of non enterprise upstream.
    2
  38.  @marcogenovesi8570  no, i mean the subset of rust developers who think that searching for things like lifetimes and other things not a part of c is trivial, but are unwilling to do it themselves, then want to throw the code over the wall into the kernel and then want the kernel maintainers to do the work maintaining it (even th9se who don't know rust). very like the way that the kdbus people could not be bothered to do the work to speed up dbus, and just expected to throw the existing api into the kernel and hand the problem over to the kernel folks. this is not just about kent, but is a bigger problem of relatively minor developers thinking that they can work in their sandbox, and when they think the code 8s ready, just dump it on the kernel maintainers, who also have to do the work to make the kernel ready for their code dump and maintain it later.
    2
  39.  @roundduckkira  kent is a major problem for kent, but not all code that works gets accepted. what is the reason for rejections? not accepting that there is a problem. not liking the proposed solution? a large set of patches all dropping in o e big merge? the patches arriving late in the merge cycle? none of these is the maintainer being deliberately awkward, and all can have valid reasons for not accepting the merge. they all have responses which can be made to get them merged eventually. not having seen the threads, i can't tell if it is problems with the maintainers, if the developers are just feeling entitled and then butthurt because their code was not just immediately taken without comment, or if it is members of the two communities talking past each other.
    2
  40. ​ @VoicesInDark i would strongly disagree with the idea that kernel developers are replaceable, as most of the are doing critical work in important but obscure areas of development. as for them getting paid, so what if some company wants to pay them, with the idea of basically putting bug bounties on problems affecting their company. you still have a number of kernel contributors who are not tied to big companies. as to it being a community or not, i don't see any way you can define that word which would not cover 15,000 people trying to not get in each others way for years. if you mean the kernel project not being community driven like centos used to be and rocky is now, very few large projects or distributions fit that model. it certainly does not fit how systemd is developed, nor the kernel, and not gnome either.
    2
  41.  @MikkoRantalainen  kent obviously has an out of tree fork of the kernel where he does the development work, which is fine, and is where his current behaviour is heading. what he needs is someone else to work on upstreaming the code in small patches, doing rework to make the working code compatible with the rest of the code in the kernel. if he runs it like the real time patches project did, improvements can be made on his tree, while someone else manages reducing the delta between his tree and upstream, eventually getting his code into mainline. note: linus did not say no more bcachefs, only no more kent, and whoever takes over upstreaming needs to play well with the rest of the kernel developers..
    2
  42. microkernels always sound good, that is why they gained popularity in academia in the 1970s. unfortunately they come with huge costs for message passing and context switching, and there is still some types of code which must be in kernel space. people have tried to fix this issue ever since, and we are still waiting for a microkernel only solution, which makes them more practical.
    2
  43. it was not possible to prevent the update, the only option is to insist on not installing any software which works like this, which is often above the pay grade of the experts involved. for upgrades which did not require live patching, the companies already had policies and practices in place which would prevent this from happening. crowdstrike just chose to override them. microsoft chose not to fix the boot loop problem since 2016, so they share the rest of the blame with crowdstrike. crowdstrike crashed the kernel, microsoft made it so it could not recover from it.
    2
  44. ​ @turtlefrog369 a lot of these systems require internet access to do their job, so that needs securing. you cannot take payments or update your flight information boards without being able to talk to other machines.
    2
  45. the issue being ignored in this thread is that most of these machines which were hit were locked down and mission critical. this means that any method which does not do automatic recovery will cause the same issues. manual interaction with most of these machines is just not an easy option, usually for very good reasons.
    2
  46. because ken thomson's paper "on trusting trust" was the first to highlight a new way of hacking the supply chain, and fixing it is hard and expensive. the purpose is to make it so that you not only believe linus can be trusted when you get your kernel from him, but you know that you got the same kernel as you got from him. in his tech talk at google, he talked about how due to using cryptographic hashes, as long as he knows the hash, he can download the repository from anyone, and verify it is an exact copy of the one he put up which they copied. that verifies the audit trail for the sourde code. the way nixos uses semantically versioned bill of materials verifies the audit trail for the dependencies. reproducible builds verify the audit trail from source to binary files. different tools for different parts of the job.
    1
  47. @Silver-eb7zm yes, canonical consulted their lawyers and decided it was a risk worth taking. This was based upon the benefits they could receive from shipping it, the low likelyhood of being sued, and the odds of being able to settle or fund fighting it. This does not make it license compatible, which a lot of other top lawyers say it is not. Canonical is largely a newbie distro, which is not where the money is. Both the linux foundation and redhat are well funded, so the return from sueing and winning is high, so the risk for them shipping it is also high, which is why they don't.
    1
  48. no, the major question is can they do anything about it without shooting themselves in the head. all a backup checker needs to do is checksum every file, and export that audit report to a non rhel machine. this is a good idea for security auditing anyway, so banning it would be very difficult. so would banning any non rhel machine from the network. once you have this audit database, you can do the same for any other distribution, and instantly flag up any differences, which from a technical viewpoint is no different from comparing todays and yesterdays reports, so they cannot easily ban that either. once you have the list of files which is different, you can decide if it matters, and just tweak your patch list until you get the same checksum. as this bit is not being done on rhel, they have no say in the matter.
    1
  49.  @LuluTheCorgi  because the reason oracle linux exists in the first place was that red hat did not want to support their needs, so just paying them does not get them support, and requires them to sign the dodgy eula which stops them from getting support any other way. in this case using the lawyers would actually cost less.
    1
  50. An example of the difference would be to keep the screen turned on when playing a movie, but turning it off if doing computation or drive indexing without the need for a display. This lets the monitor go into standby, and also stops the graphics card from burning energy it does not need to use. Screensavers used to be about avoiding screen burn on tube based displays, but are now either about inactivity wallpaper or power saving depending on your option settings. Similarly, cpus have different power levels, depending on what level of usage is needed. You can step those levels down if you are barely doing anything, stepping things back up if you start a cpu intensive task. This means you could walk away from the computer when it started to do a task which was a cpu hog, but did not need the screen, and after a wait, it would blank the screen and let the monitor go into standby, and then when the task finishes, it can move the processor into a lower power mode. When you come back and move the mouse, it can turn the screen back on, waking up the monitor, and you can check if it is finished. You could even have it automatically power off when it is done.
    1