Feeds

Linus Torvalds in NSFW Red Hat rant

X.509 dispute turns XXX as Torvalds says Red Hat wants kinky fun with Redmond

Beginner's guide to SSL certificates

Linux overlord Linus Torvalds has again vented his spleen online, taking on Red Hat employee David Howells with a series of expletive-laden posts on the topic of X.509 public key management standard.

The action takes place on the Linux Kernel Mailing List, with Howell posting a request that Torvalds “pull this patchset please”.

Howells wants the code accepted into the kernel so Red Hat can ”embed an X.509 certificate containing the key in a section called '.keylist' in an EFI PE binary and then get the binary signed by Microsoft.” This arrangement, he suggests, is more elegant than the way the Linux kernel signs certificates today.

Torvalds' initial response is “not without a lot more discussion first”, because “quite frankly, this is f*cking moronic. The whole thing seems to be designed around stupid interfaces, for completely moronic reasons. Why should we do this?”

The Reg has quoted Torvalds' posts verbatim: he inserted his own asterisks into the message.

As the conversation unfolds Torvalds points out that the discussion is not a fellatio contest, suggests that “If Red Hat wants to deep-throat Microsoft, that's *your* issue” and lambasting Red Hat for even suggesting key management be done in the kernel.

Torvalds later advances this argument as to why what Red Hat wants is not a good idea:

“Quite frankly, I doubt that anybody will ever care, plus getting me to care about some vendor that ships external binary-only modules is going to be hard as hell.

Plus quite frankly, signing random kernel vendor modules (indirectly) with a MS key is f*cking stupid to begin with.

In other words, I really don't see why we should bend over backwards, when there really is no reason to. It's adding stupid code to the kernel only to encourage stupidities in other people.

Seriously, if somebody wants to make a binary module for Fedora 18 or whatever, they should go to Red Hat and ask whether RH is willing to sign their key. And the whole "no, we only think it makes sense to trust MS keys" argument is so f*cking stupid that if somebody really brings that up, I can only throw my hands up and say "whatever".

In other words, none of this makes me think that we should do stupid things just to perpetuate the stupidity. And I don't believe in the argument to begin with.”

Opinion in the thread seems to favour Torvalds' point of view and discussion has petered out, so it looks like the Lord of Linux has taken this round. Torvalds has form with shouty rants, having in the last year flipped the bird in NVIDIA's direction and told another Red Hatter to be quiet in a very forceful way. He's also 'fessed up to being unable to control some of his shoutier impulses. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
'In... 15 feet... you will be HIT BY A TRAIN' Google patents the SPLAT-NAV
Alert system tips oblivious phone junkies to oncoming traffic
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.