Re: Flame Linus to a crisp!

From: Shawn (core@enodev.com)
Date: Thu Apr 24 2003 - 08:08:08 EST


Ever notice Linus has a very distinct writing style? _under_scores_
and: colons. (Underscored colons sound ouchy!)
                        Signatures
after three tabs...

He has very clear and logic oriented writing style, yet unique somehow.
You can almost here him talk when you read a _Linus_ message.

There's only one Linus: Let's keep it that way! Let's sign him with gpg
and take measures so that he _only_ operates in _good_ mode on DRM
enabled LKML.

                        Shawn

On Thu, 2003-04-24 at 01:16, Linus Torvalds wrote:
> On Wed, 23 Apr 2003, Andre Hedrick wrote:
> >
> > Now the digital signing issue as a means to protect possible embedded or
> > distribution environments is needed. DRM cuts two ways and do not forget
> > it!
>
> This is _the_ most important part to remember.
>
> Security is a two-edged sword. It can be used _for_ you, and it can be
> used _against_ you. A fence keeps the bad guys out, but by implication the
> bad guys can use it to keep _you_ out, too.
>
> The technology itself is pretty neutral, and I'm personally pretty
> optimistic that _especially_ in an open-source environment we will find
> that most of the actual effort is going to be going into making security
> be a _pro_consumer_ thing. Security for the user, not to screw the user.
>
> Put another way: I'd rather embrace it for the positive things it can do
> for us, than have _others_ embrace it for the things it can do for them.
>
> > For those not aware, each and every kernel you download from K.O is DRM
> > signed as a means to authenticate purity.
>
> Yup. And pretty much every official .rpm or .deb package (source and
> binary) is already signed by the company that made that package, for
> _your_ protection. This is already "accepted practice", so allowing
> signing is not something new per se, including on a binary level.
>
> So what I hope this discussion brings as news is to make people aware of
> it. And that very much includes making people aware of the fact that there
> are some scary sides to signing stuff - and that they're par for the
> course, and part of the package. I know for a fact that a number of
> people were hoping for the upsides without any of the downsides. That's
> not how it works.
>
> Linus
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Apr 30 2003 - 22:00:14 EST