# Intel Subsidiary's Violations Made Grsec withdraw Stable?

## miroR

title (since 2015-11-01):

Intel Subsidiary's Violations Made Grsec withdraw Stable?

(the question mark there, following further confirmations or denials, quick link with what I learned so far:

<this same topic>

https://forums.gentoo.org/viewtopic-t-1031476.html#7835446

)

---

previous title:

grsecurity withdrew support for stable; who did it to them?

---

I just read it in the news (I mean:

```

# eselect news read

```

 :Wink:   )

Give me the link someone to the page with that info in gentoo.org

EDIT 15-11-01:

and in the meantime:

<this same topic>

https://forums.gentoo.org/viewtopic-t-1031476.html#7835658

EDIT END

, pls (for proper reference:

```
# eselect news list

...

 [23] 2015-10-21  Future Support of hardened-sources Kernel
```

)!

But the more complete story is here:

Important Notice Regarding Public Availability of Stable Patches

https://grsecurity.net/announce.php

and my question is:

which one (and which ones are; but it's one in particular)...

which one(ones)  is(are) that billion dollar embedded linux industry that did it to them?

I hate having to see such huge parasites sucking on good healthy body of a company that makes just about the most honest work in FOSS Linux, the grsecurity!

Which one(ones? They can't say, as their lawyers toled them not to, but somebody does know. Do tell the caring public, pls!

Regards!Last edited by miroR on Sun Nov 01, 2015 1:25 pm; edited 5 times in total

----------

## schorsch_76

As far as i know [1][2] it was Windriver Systems but it is just "hearsaying" .... 

[1] http://lwn.net/Articles/655721/

[2] http://www.heise.de/open/meldung/Linux-Verfuegbarkeit-der-Grsecurity-Erweiterung-wird-eingeschraenkt-2792474.html

----------

## krinn

 *miroR wrote:*   

> I hate having to see such huge parasites sucking on good healthy body of a company that makes just about the most honest work in FOSS Linux, the grsecurity!

 

From what i see, with their repeat treat put on the project (and its users) itself for money ; i think their only goal is money, and i wouldn't be surprise if tomorrow they sold it to the NSA or any other companies offering them big money for it.

What will think about them then? (if you like to know, myself, nothing, commercials companies do and should aim at doing money, so i wouldn't be surprise, but i'm guessing you will fall from your chair)

Closing the stable tree to anyone will certainly not help security increase ; but sure it will help getting more money...

It's not that i like/dislike what they do, but sure you are pretty too fast when you tag them with "most honest work" ; like they are the Mother Theresa of security...

----------

## miroR

 *krinn wrote:*   

>  *miroR wrote:*   I hate having to see such huge parasites sucking on good healthy body of a company that makes just about the most honest work in FOSS Linux, the grsecurity! 
> 
> From what i see, with their repeat treat put on the project (and its users) itself for money ; i think their only goal is money, and i wouldn't be surprise if tomorrow they sold it to the NSA or any other companies offering them big money for it.
> 
> What will think about them then? (if you like to know, myself, nothing, commercials companies do and should aim at doing money, so i wouldn't be surprise, but i'm guessing you will fall from your chair)
> ...

 

I can see your point, but I don't share your view.

I am certain that they are not profiteers like you would believe.

The benefit that they gave to the world of computing is immense, in comparison to the return that they got... As far as the return, it's the principal lier and chief of the core in all the FOSS OS'es that is to blame: naver wanted to relinquish serving the NSA via paving the way for it with the LSM... Just study my signature...

I remember how spender, at one point, pretty distant, and where is that documented now I don't know...

But [I remember how] spender many yrs ago now, decided to quit, and it probably was because of such miserable return that it was poverty threatening his existence.

They are entitled to so much more.

I am not privy about any other circumstances in regard, but just what is anyway in public, and which anyone can find out about.

So I can not speak with factual certainty, that I admit. I am emotional about spender and PaX Team, because I have, and I still do, regard them as heroes of FOSS with all the good that they brought to FOSS...

I think what happened to Richard Matthew Stallman is that betrayal of FOSS values that you talk about, and he did sold in some fashion or another, to, just as you predict, wrongly I am pretty certain, for spender and PaX Team (but without complete logical backup to my certainly, I admit: insufficient insight I have)...

I think what happened to Richard Matthew Stallman is that betrayal ... and he did sold ... to, exactly the NSA: he promotes the SELinux, and that is his moral death of RMS to me...

The sky is falling on me for this sadness that now happened with grsecurity. I am literally despondent and sad because of it....

Not everybody can be virtuous as Socrates or the Catholic Saints, or, say some of the American Forefathers...

Aarghh... I could almost cry...

And to mention how I still dream to teach newbies complete deployment of the grsecurity (once I master most of its angles sufficiently)...

But the very important question is:

Who did it to them? What is the name of that embedded linux billion dollar complany?

----------

## miroR

 *schorsch_76 wrote:*   

> As far as i know [1][2] it was Windriver Systems but it is just "hearsaying" .... 
> 
> [1] http://lwn.net/Articles/655721/
> 
> [2] http://www.heise.de/open/meldung/Linux-Verfuegbarkeit-der-Grsecurity-Erweiterung-wird-eingeschraenkt-2792474.html

 

schorsch_76, pls. forgive me that I didn't thank you sooner for this one. I'm having hard time, and ialso hugely overwhelming work. (Also poor eyesight, and so, all combined, didn't see your reply till now.)

----------

## miroR

Doesn't look like a hearsay...

Find the:

 *Wind River wrote:*   

> 
> 
> ...
> 
> Expanded grsecurity packages in the secure kernel
> ...

 

in the page which currently contains all of this (pasting a few stretches):

Security Profile and Carrier Grade Profile for Wind River Linux

http://www.windriver.com/announces/security_carrier_grade_profile/

 *Wind River wrote:*   

> 
> 
> Since 2004, Wind River® has delivered the best of open source technology optimized for embedded development.
> 
> ...
> ...

 

Is this still correct? That the page shows these lines that you can read above? At this time, November 2015 started in the east of the globe, and just about to be starting in the west?

If you're reading this a few weeks later, still reads openly, with the "grsecurity" word, the trademark of the grsecurity company?

Out in the open?

And in the PDF document:

http://www.intel.com/content/dam/www/public/us/en/documents/guides/wind-river-idp-xt2-programmers-guide.pdf

there is a sub-chapter:

"The grsecurity Tool"

The document is freely available currently:

```

c295bf277339dea9bedda9f37bc25b8758cdd2236a63bd1f01996c18c47ed046  wind-river-idp-xt2-programmers-guide.pdf

```

But this research I did after finding, in the link that schorsch_76 gave, more precisely here:

Grsecurity stable patches to be limited to sponsors

http://lwn.net/Articles/655739/

where it reads:

 *tz wrote:*   

> 
> 
> Some quotes from the company in question:
> 
> > I am a software engineer from Wind River (subsidiary of Intel), we ported GRsecurity patch (GRSecurity 2.9.1 -- 201207080925) into Wind River Linux as our security solution's critical part
> ...

 

It must be them. Linux Weekly News would not leave that post unquestioned, that post would, lots of right folks there, get refuted if it were not correct.

It must be them.

Intel, the multi billion dollar company, stealing, well this is morally stealing, yes it is, like that, via its subsidiary Wind River Linux

Regards!

----------

## miroR

This issue of degraded availability of grsecurity itches me very badly, because there will be no true security for FOSS Linux where grsecurity can not be deployed, and I care for newbies, and I care for the future of FOSS Linux...

I couldn't stand FOSS Linux becoming a swamp where NSA's SELinux pretends to defend users from intrusions and being owned... the NSA who, when and as they so please, intrude and own most of the users, of all OSes, worldwide.

So let's see when the unavailability of stable grsec-hardened kernels (meaning, I guess hardened-3.20 or such) took effect. (That is when I discovered it; not because I were to use stable, no, I use testing --so the unavailability of stable does not even affect me; but I care for others and for common good--, but because I read 'eselect news' when I update my Gentoo.)

```

# eselect news read 23

2015-10-21-future-support-of-hardened-sources-kernel

  Title                     Future Support of hardened-sources Kernel

  Author                    Anthony G. Basile <blueness@gentoo.org>

  Posted                    2015-10-21

  Revision                  3

For many years, the Grsecurity team [1] has been supporting two versions of

their security patches against the Linux kernel, a stable and a testing

version, and Gentoo has made both of these available to our users through the

hardened-sources package.  However, on August 26 of this year, the team

announced they would no longer be making the stable version publicly

available, citing trademark infringement by a major embedded systems company

as the reason. [2]  The stable patches are now only available to sponsors of

Grsecurity and can no longer be distributed in Gentoo.  However, the team did

assure us that they would continue to release and support the testing version

as they have in the past.

What does this means for users of hardened-sources?  Gentoo will continue to

make the testing version available through our hardened-sources package but we

will have to drop support for the 3.x series.  In a few days, those ebuilds

will be removed from the tree and you will be required to upgrade to a 4.x

series kernel.  Since the hardened-sources package only installs the kernel

source tree, you can continue using a currently built 3.x series kernel but

bear in mind that we cannot support you, nor will upstream.  Also keep in mind

that the 4.x series will not be as reliable as the 3.x series was, so

reporting bugs promptly will be even more important.  Gentoo will continue to

work closely with upstream to stay on top of any problems, but be prepared for

the occasional "bad" kernel.  The more reporting we receive from our users,

the better we will be able to decide which hardened-sources kernels to mark

stable and which to drop.

Refs.

[1] https://grsecurity.net

[2] https://grsecurity.net/announce.php

```

Timestamped '2015-10-21', so it's still recent at the time of this writing, the taking effect in Gentoo.

This post remains with this info only, for easy reference.

----------

