Damn there are a surprising number of maintainers that are comrades and not taking this lying down from the western supremacist cohort.
Linus opened up a massive can of worms and turned this into a geopolitical conflict by acting like a baby.
This comment by Hantong Chen is great:
Hi James,
Here’s what Linus has said, and it’s more than just “sanction.”
Moreover, we have to remove any maintainers who come from the following countries or regions, as they are listed in Countries of Particular Concern and are subject to impending sanctions:
Burma, People’s Republic of China, Cuba, Eritrea, Iran, the Democratic People’s Republic of Korea, Nicaragua, Pakistan, Russia, Saudi Arabia, Tajikistan, and Turkmenistan.
Algeria, Azerbaijan, the Central African Republic, Comoros, and Vietnam.
For People’s Republic of China, there are about 500 entities that are on the U.S. OFAC SDN / non-SDN lists, especially HUAWEI, which is one of the most active employers from versions 5.16 through 6.1, according to statistics. This is unacceptable, and we must take immediate action to address it, with the same reason.
Funny that blog calls it a “failed attempt at a backdoor” while neglecting to mention that the grsec post (which it does link to and acknowledges is the source of the story) had been updated months prior to explicitly refute that characterization:
5/22/2020 Update: This kind of update should not have been necessary, but due to irresponsible journalists and the nature of social media, it is important to make some things perfectly clear:
Nowhere did we claim this was anything more than a trivially exploitable vulnerability. It is not a backdoor or an attempted backdoor, the term does not appear elsewhere in this blog at all; any suggestion of the sort was fabricated by irresponsible journalists who did not contact us and do not speak for us.
There is no chance this code would have passed review and be merged. No one can push or force code upstream.
This code is not characteristic of the quality of other code contributed upstream by Huawei. Contrary to baseless assertions from some journalists, this is not Huawei’s first attempt at contributing to the kernel, in fact they’ve been a frequent contributor for some time.
Meh, if they really leave this will prompt the US government or corps to finally start paying these developers. This flare up is a blessing in disguise.
Damn there are a surprising number of maintainers that are comrades and not taking this lying down from the western supremacist cohort.
Linus opened up a massive can of worms and turned this into a geopolitical conflict by acting like a baby.
This comment by Hantong Chen is great:
Wasn’t Huawei trying to put a Backdoor into linux?
If yes, I see why they finally want to restrict maintainers to countries they can trust
as far as i know, that has not happened.
what makes you think it did?
Articles back in the days.
I found a random one now. Maybe I got just clickbaited with titles back then. I dunno
https://securityboulevard.com/2020/12/was-this-huaweis-failed-attempt-at-a-linux-backdoor/
Funny that blog calls it a “failed attempt at a backdoor” while neglecting to mention that the grsec post (which it does link to and acknowledges is the source of the story) had been updated months prior to explicitly refute that characterization:
Removed by mod
Meh, if they really leave this will prompt the US government or corps to finally start paying these developers. This flare up is a blessing in disguise.
Wait until you find out how much of Linux the NSA has built.
The NSA also created tor
Next to none. You’re just spreading FUD.
selinux is one example.
They haven’t been involved with that for years and it’s open source so it’s as likely to have a backdoor as any other part of the code.