[linux-elitists] Rooted kernel.org hosts (was: PJ takes her victory lap)

Jay Sulzberger jays at panix.com
Thu Sep 1 13:35:48 PDT 2011


On Thu, Sep 01, 2011 at 01:00:18AM -0700, Rick Moen <rick at linuxmafia.com>
wrote:

> Quoting Jay Sulzberger (jays at panix.com):
> 
> > From front page of http://www.kernel.org just now:
> 
> Yes, I've already read that.  It doesn't, however, address the two
> things about which I'm curious.  (The kernel.org operators are going to
> be very busy for a while, though, and my curiosity can certainly wait.)

On that point I have no information.  My observation, which was
mainly the same observation presented on the first page of
http://www.kernel.org, and discussed in this thread, is that
there are, at least, two systems of defense of the computer
infrastructure of the Linux kernel project.  One system defends
single, or small groups of computers, and is considered to
succeed if no enemy gets root on any of these machines.  The
other system defends the kernel code itself.  This second system
uses git to arrange a somewhat distributed system of sensors
which, we think, should be set off when an attempt at code
injection into the kernel sources is made.  An early version of
this system, not using git, was pointed out by Linus Torvalds
about twenty years ago: "Backups!  Why I just upload the sources
to the Net.".  And recently the wonderful protocol of Satoshi
Nakamoto has been realized in a seemingly resilient distributed
public transaction ledger, namely the Bitcoin network.  Satoshi's
ledger somewhat resembles the kernel's web of Git, in its
mechanism of defense.  Of course, Satoshi's ledger can be used
for other things, beyond just exchanging coins:

  http://siliconangle.com/blog/2011/08/29/bitcoin-delivers-confidence-for-online-casinos/
  http://www.bitlotto.com/details.html

So recently, the first system of defense was breached.  But, it
is claimed, the second system has not been breached, and
continues to provide some degree of defense against mass
corruption of publically distributed kernels.

oo--JS.


More information about the linux-elitists mailing list