• the_strange@feddit.org
    link
    fedilink
    arrow-up
    0
    ·
    23 days ago

    I don’t have any confirmations of your points

    The kernel and its changes are open source, you can just look at the changes that were made.

    • GolfNovemberUniform@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      23 days ago

      The kernel and its changes are open source, you can just look at the changes that were made.

      So the Russian maintainers couldn’t insert something malicious into it. But yea looking at the source changes directly is better than trusting some biased articles.

      • the_strange@feddit.org
        link
        fedilink
        arrow-up
        0
        ·
        23 days ago

        Your words, not mine. If they were afraid of malicious code coming from these sources they would’ve removed them earlier and not only after their legal department recommend these maintainers be removed.

        Open source doesn’t mean that malicious code isn’t impossible though. For a project as large as the Linux kernel it is unlikely, but see the xz-utils incident earlier this year for example. https://en.wikipedia.org/wiki/XZ_Utils_backdoor

        • GolfNovemberUniform@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          23 days ago

          Yes I expected that argument. My point was there was no valid reason to remove them. The xz case didn’t convince any other projects to get rid of maintainers based on their nationality after all.

          It’s obviously my own opinion that what Linus did was an nonnegotiable red flag but I’d prefer to stick with it for now. I guess making this discussion political was a pretty harmful decision so I’ll remove some of my replies in order to avoid creating more drama.