The title really undersells it, it seems like under a Biden Executive Order, free/open-source software will have to ban all Russian contributions. Its unclear if American developers would be allowed to contribute to Russian software like Nginx
I haven’t gone through all their work, but some of the delisted maintainers were working on driver support for Baikal, a Russia based electronics company. Their work includes semiconductors, ARM processors. Given the sanctions against Russia, especially for dual use stuff like domestic semiconductors, I would expect that Linus and other maintainers were told or concluded that by signing off and merging their code they’d be personally violating sanctions.
https://lore.kernel.org/all/7ee74c1b5b589619a13c6318c9fbd0d6ac7c334a.camel@HansenPartnership.com/
Yes I would agree, but its unclear if this again means all Russians who are employed by any company. Because all Russian companies are sanctioned
I mean, it’s on Phoronix to take this kinda out of context, but on Linus how he phrases things. You would think after years at the forefront of one of the most important FOSS projects, he’d know better.
So to add some missing context: We are talking 11 maintainers, it’s not like hundreds have been removed. Im addition, it seems like most of them are employed by russian companies, not private individuals. Their code on the other hand has not been removed.
What bothers me is that it’s unclear whether future pull-requests would be rejected as well, or whether this is a matter of association.
IMO it would have been nice if Linus focused on some details regarding this action in his response, or alternatively not responding at all. Even if all he can say is that currently he can’t comment on it, it’s definitely better than borderline xenophobic rambling and getting mad at supposed trolls, feeding trolls if anything.
deleted by creator
Yeah Linus just said “Legal reasons” but made it clear he supports it.
Fucking based.
The social engineering on open source maintainers that create lesser understood security implications are basically toast.
:(
I really don’t know what the answer is other than HEY EVERYONE PLEASE HELP but like, glhf.
Sux.
I wonder if there is any merit to this or if the government actually suspects or believes there is a large risk giving certain maintainers access.
I could actually see NSA protecting Linux with reasonable intentions, but I could also just see the whitehouse making dumbass moves because some shmuck wants credit for “securing” something.
Either way, I don’t think it’s large enough that it’s much of an issue.
I don’t think this is about security implications, but I may be wrong. My understanding is this is related to the export sanctions, meant to hamper the Russian economy.
That seems weird considering anyone can easily access and fork it if they want.
Reminds me of the old crypto algorithm export laws which fell apart for the same reason. Now curve25519 is even in FIPS as the default next to the NIST curve.
