How to panic a current grsecurity kernel as any user
twitter.comResponding to criticism of a patch by blocking a user feels just...childish. Doubling down on that childishness by first blocking anyone on twitter who likes/faves that tweet, and then by switching your twitter account to protected feels even more childish. The Grsecurity team needs to calm down here, because they aren't giving an appearance of a professional team with exchanges like this.
I promise you that "the grsecurity team" does not care whether they have the "appearance of a professional team".
What do they care about?
Being respected for what they do bring (the best Linux kernel hardening patches and support tools); not being a jackass or treating them like jackasses when stuff like this turns up; not moaning about it and acting all fingerwavy when fixes are ready queued up; and about ending the poor financial support. It would really help if the bigcorps and professional users of this extremely usefus patchset help out financially.
The security field comes with many bloated egos, jerks and big heads and in my opinion blocking is a great way of hardening. Not childish by the least.
Grsecurity needs and deserves to be financially supported. If anyone who reads this is in a position to do so (I am not), please consider supporting the team's hard work and the ability to use their (free) product that helps your infastructure to stay safe.
Not what random people on the Internet think about them. And the switch from "important" to "random" is on a hair trigger.
".@grsecurity Did you seriously just IP block me on your site? Please tell me this is a coincidence and you're not a 5yo throwing a tantrum."
Wow.
It's not like his attitude was more mature. https://twitter.com/marcan42/status/724749571495075840
Yes, this was a petty pissing match. However, responding to criticism by IP blocking him, and then blocking anyone on twitter who faves/retweets it is just ridiculous.
How not to run an open source project.
Or, what, someone's going to come up with a better patch than grsecurity?
How do you obtain someone's IP address over Twitter? This can't be real.
He posted to the support forums:
Don't forget the comment after the newer patch
"New test patch up with improved protection against irrelevant infosec anklebiters"
from their now protected twitter account.
When you look at his first tweet he seems pretty immature.
"Starting to think that the @grsecurity kernel is not suitable for prod. First SIZE_OVERFLOW false +s, now panic due to a bug they introduced"
Could you elaborate? It doesn't seem immature to me. From what I can see he has good reasons to think that the grsec kenrnel is not something you want to use in production.
First, I thought it was funny. Second, WTF? GRsecurity totally reacted the opposite