Official statement regarding recent Greg’ commit 6e90b675cf942e from Serge Semin

Hello Linux-kernel community,

I am sure you have already heard the news caused by the recent Greg’ commit 6e90b675cf942e (“MAINTAINERS: Remove some entries due to various compliance requirements.”). As you may have noticed the change concerned some of the Ru-related developers removal from the list of the official kernel maintainers, including me.

The community members rightly noted that the quite short commit log contained very vague terms with no explicit change justification. No matter how hard I tried to get more details about the reason, alas the senior maintainer I was discussing the matter with haven’t given an explanation to what compliance requirements that was. I won’t cite the exact emails text since it was a private messaging, but the key words are “sanctions”, “sorry”, “nothing I can do”, “talk to your (company) lawyer”… I can’t say for all the guys affected by the change, but my work for the community has been purely volunteer for more than a year now (and less than half of it had been payable before that). For that reason I have no any (company) lawyer to talk to, and honestly after the way the patch has been merged in I don’t really want to now. Silently, behind everyone’s back, bypassing the standard patch-review process, with no affected developers/subsystem notified - it’s indeed the worse way to do what has been done. No gratitude, no credits to the developers for all these years of the devoted work for the community. No matter the reason of the situation but haven’t we deserved more than that? Adding to the GREDITS file at least, no?..

I can’t believe the kernel senior maintainers didn’t consider that the patch wouldn’t go unnoticed, and the situation might get out of control with unpredictable results for the community, if not straight away then in the middle or long term perspective. I am sure there have been plenty ways to solve the problem less harmfully, but they decided to take the easiest path. Alas what’s done is done. A bifurcation point slightly initiated a year ago has just been fully implemented. The reason of the situation is obviously in the political ground which in this case surely shatters a basement the community has been built on in the first place. If so then God knows what might be next (who else might be sanctioned…), but the implemented move clearly sends a bad signal to the Linux community new comers, to the already working volunteers and hobbyists like me.

Thus even if it was still possible for me to send patches or perform some reviews, after what has been done my motivation to do that as a volunteer has simply vanished. (I might be doing a commercial upstreaming in future though). But before saying goodbye I’d like to express my gratitude to all the community members I have been lucky to work with during all these years.

  • Matty_r@programming.dev
    link
    fedilink
    arrow-up
    53
    arrow-down
    1
    ·
    2 months ago

    Honestly must be incredibly stressful managing a project like the Linux kernel. Governments constantly wanting changes made for their own purposes, companies leeching off the work of volunteers, neck beards losing their minds over some change they don’t like.

    I don’t envy them at all. This sort of change was inevitability going to piss people off - it could have been handled better but I think it was going to be lose/lose no matter which way it was done.

    • Norah - She/They@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      34
      arrow-down
      7
      ·
      2 months ago

      I personally think this is a cop out. Obviously people would have been outraged either way, but personally my only issue is about how it was done. The whole point of the FOSS community is openness and transparency. The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.

      • 0x4E4F@infosec.pubOP
        link
        fedilink
        English
        arrow-up
        16
        arrow-down
        3
        ·
        2 months ago

        The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.

        Basically, my stand on this.

        And that it was dismissed like it was “no big deal” by Linus and some of the other senior maintainers.

        But seriously, Linus’s comment regarding this was… just… I have no words… he basically put every Russian in the same basket, called them trolls and added a racist comment on top of that, I mean… yeah, I lost all respect for him. At least his previous fits were about code and only if someone fucked up something, this is completely different.

        • mihor@lemmy.ml
          link
          fedilink
          arrow-up
          1
          arrow-down
          2
          ·
          2 months ago

          Exactly, that’s also my view. In Serge’s thread somebody else said Linus used to be his role model but now he is questioning his own beliefs. Sums up my feelings perfectly.

          It sucks so bad, Linus really screwed up big time, and GKH dropped the ball as well. What kind of a hellish timeline is this?

          • 0x4E4F@infosec.pubOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            2 months ago

            Sums up my feelings perfectly.

            Mine as well.

            Not that invested that much, but I seriously, I thought Linus was better than this… I wouldn’t expect this even from Stalman to be honest, this is new level of low if you ask me.

            What kind of a hellish timeline is this?

            I have no idea… if everything is dictated by corps and governments (at least ones that we can’t trust with simple things, such as healthcare), I really have really lost all faith in humanity as a whole… not because they’re less human individually, but because no one sees anything wrong with this, in general…

        • secretlyaddictedtolinux@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          4
          ·
          2 months ago

          But seriously, Linus’s comment regarding this was… just… I have no words… he basically put every Russian in the same basket, called them trolls

          There are a huge number of online Russian trolls. That part of his response was not hyperbolic. They do have troll factories there to influence public opinion.

          The problem is this still leads to questions about transparency about the project in general and how this decision was made and whether it was made by those involved in the project or was an order from the US government.

          • 0x4E4F@infosec.pubOP
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            2 months ago

            They do have troll factories there to influence public opinion.

            In the Linux kernel? No. Definitely not. Maybe you’d like to see what happened after they got removed from the maintainers list, it was spam and trolling, and that is not OK in any scenario.

            The problem is this still leads to questions about transparency about the project in general and how this decision was made and whether it was made by those involved in the project or was an order from the US government.

            My personal belief is that it was an advice by the lawyers and they went with it balls in because who would care about a few Russian maintainers, right 😒. Linus probably probably put GHK to it, as to not be him that does the PR, split the heat that may come their way, which it did.

            I coldheartedly believe that Linus meant what he said since there was no apology afterwards. Russians are bad in general and they all think the same, they support Puttin.

      • pressanykeynow@lemmy.world
        link
        fedilink
        arrow-up
        6
        arrow-down
        2
        ·
        2 months ago

        My main concern with this happening is how much secret control the US government has over top Linux maintainers. Many commenters say that Linus couldn’t refuse the request from the government because he lives in the US and Linux Foundation is in the US. So what other requests from the government known to put backdoors into software they couldn’t refuse in the past or won’t be able to refuse in the future?

        • winterayars@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          I, too, do not want to be deleted out of existence by the US government/military and so i, too, comply with sanctions.

          We have reason to believe Linus and the kernel team are not filling the kernel with government back doors (for the thing, there’s a high chance someone notices and makes it public that such code was put into the kernel by one of them). Linus has talked about refusing to do this in the past. However, it’s no surprise they’re not willing to risk the whole project for a handful of people working for Russian weapons manufacturers.

        • secretlyaddictedtolinux@lemmy.world
          link
          fedilink
          arrow-up
          3
          arrow-down
          2
          ·
          2 months ago

          Yes, this is exactly my same thoughts.

          This is terrifying.

          I don’t like what the Russian government is doing and Putin is cruel and evil, albeit intelligent (which makes him even more terrible).

          That being said, in the US, government agencies can order a company to do certain things, put in certain code, or whatever and then issue a gag order as part of that preventing disclosure. And although there’s a limit to how much that can screw over open-source software users, we do not know what exploits nation-states have, we don’t know what backdoors are in different chipsets or closed-source firmware.

          If a developer writing open source code can be blacklisted so easily without transparency into the process, it suggests the company is being ordered to do certain things and not disclose them by the US government, which is a government that still engages in torture.

          Notice how they are not coming out and saying “We were not ordered to do this by any government agency.”

          Could the foundation be forced to elevate a developer with government ties who then is able to “accidentally” put in an extremely hard to detect exploit into linux that won’t be detected at first and only patched later?

          I really wish companies associated with linux were not in a country that lacked transparency with government regulations and in which gag orders were not possible.

      • winterayars@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        2 months ago

        So you realize they have no choice and couldn’t have done any differently but you’re still irrationally upset about it so you decided to become the tone police?

      • saigot@lemmy.ca
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        2 months ago

        It’s pretty hard to be open and transparent when 2 men with guns and black suits are sitting at your kitchen table.

        We don’t know if that happened, but given the speed this happened and the us being the us…

        If it breaks that they had a long runway of knowing this had to happen, then sure bring out the pitchforks, but imo we should default to this happening under heavy pressure to act immediately.

    • JackbyDev@programming.dev
      link
      fedilink
      English
      arrow-up
      8
      ·
      2 months ago

      neck beards losing their minds over some change they don’t like.

      Ughhh, it was so infuriating hearing that guy rant about how Rust was bad and was trying to take over at that conference. I felt so bad for the speaker.