@anderseknert Everyone who uses #AssholeLicensing like #SSPL or tries to infringe upon users' #FLOSS #Rights like #grsecurity & #RedHad do should be banned from any professional developments and supply chains as part of the #RiskAssessment and #RiskAvoidance in #DueDiligence.

• Anything else in criminal neglect at this point...

@prem_k @silentexception Well, #FLOSS does not require that they need to make it simple for one to do so.

Both #grsecurity & #RedHad comply to #GPLv2 by merely providing #paywalled access to their repos.

They don't need to provide instructions to make reproduceable builds nor documentation nor resources to do so!

@libreleah thanks.

Personally, I think maintainers should choose their license wisely beforehand:

• There are reasons why I chose to put some projects under #CCBYNCSA, some #GPLv3 and some #0BSD.

• In some cases I did fork stuff under #MIT which I'd not change the license of - even if it would be compatible - because I literally changed nothing in terms of code and also didn't see any advantage in doing so to begin with.

Espechally in the case of #DuckStation this is bad because we ain't talking about the whole #GPLv2-only vs. GPLv3+ drama or #grsecurity #paywalling (which is an asshole move but legal )...

• Maybe the dev(s) - unlike #Capcom - weren't fully aware of this issue, but even big Companies (i.e. #AVM) got forced into compliance...

Lets just hope a friendly (!!!) reminder makes them realize, apologize and undo the change...

@carlwgeorge @vermaden @samurro @tara @vkc @BrodieOnLinux

OFC, #RedHat - like #grsecurity - is legally in the position to #paywall the #SourceCode access to paying customers only.

• That doesn't mean it's a good idea either way...

And they decided to kill #CentOS, because they don't understand that to make people and orgs buy #RHEL subscriptions, they've to provide value with those subscriptions, and many people decided that their offer isn't what they are able and/or willing to take.

@the_moep Again: I've not tested / used / installed it yet so I can't formulate an educated opinion beyond: "Will keep it in mind as an option" ...

• I don't want to discount it, I'm just very wary of recommendations, as those have backfired on me, with #PorteusKiosk currently sadly "#Enshittifying" in a #grsecurity /#RedHat - Style by subsequently #paywalling even the most basic functionality and me having just gotten confirmation that basic functions like "#diskless clients" have been silently axed.

Sadly the #paywalling of #grsec / #grsecurity also killed more #downstream projects like tor-ramdisk which was a minimalist #busybox / #linux #distro designed to host #OnionServices. It was pretty nifty and the #SourceCode is still online and hosted by @torproject on their #gitlab, abeit seemingly abandoned since 2018...

@soulexpress nodds in agreement

• EVERY SINGLE ONE OF THEM!

Like there's a reason I only got a copy of #SubgraphOS as non-public alpha under the precondition to not redistribute and was allowed to preview it because that thing was unstable and had a lot of known issues the devs were working on to get fixed.

• It's not as if they weren't aware of those, but they also didn't want "#TechIlliterates" using it with a false belief in it being ready to use and trust in.

Not shure how #Subgraph evolved after #grsecurity decided to #paywall access to the #sourcecodes of said #patches and #tools cuz those were used in said distro as a means to harden it.

• But then again the #grsec devs seem to be so toxic, their entire Wikipedia Article got nuked and only an old archive version exists.

@Hyolobrika my guess is that @GrapheneOS is hell-bent on perfection or not bothering at all.

Kinda like saying #Linux is shit because there is no distro paying for #grsecurity and thus only #OpenBSD qualifies for them in terms of #security.

There are "compromises" and compromises: #GrapheneOS would rather mothball than back down and that's their right as a project...

I just think that keeps their adoption rate artificially low so #Google can shaft them and not face much Backclash...

@Hyolobrika @GrapheneOS

EXACTLY THAT!

I get why but the nonchalant attitude reminds me of #grsecurity and deciding to rather cancel that budge makes it a huge risk I'd not consider investing time, blood, sweat and tears into.

I think this rather sends the wrong signals and letting #GAFAMs and #Govware - #Backdoor integrators win.

Ideally we'd see @PINE64 , @olimex , #Fairphone and @frameworkcomputer look at #GrapheneOS and decide to make #secure & #repairable devices!

@GrapheneOS @matchboxbananasynergy And I guess noone has even dared to make a #DevBoard or #DevKit that does supoort #GrapheneOS and isn't a disassembled #GooglePixel...

Maybe @olimex or @PINE64 may be interested?

I mean I wished for better support of GrapheneOS, and I guess similar to #grsecurity, these hardening features are all intertwined and not optionalities one can choose to add or remove on a whim at build time...

@GrapheneOS I guess you gotta have to go like #grsecurity and maintain your own #fork of #Android?

@SweetAIBelle @OS1337 shure.

I'm convinced that a fully-fledged image of that would be similar to #toybox's #mkroot, which is @landley 's reference implementation for a toxbox + #musl / #linux system.

• Last time I checked it came out just below 4 MB, but that was the premade image using only the stuff toybox included [and linux & being statically compiled against musl] like #gzip instead of #xz for compression, so there already is room to shave a few hundred kB without reducing functionality out of the get-go as I've seen with my build tests of #kernel666...

Either way, we're close to his reference matterial AFAICT and I do think that OS/1337 can become a good and solid foundation for #minimalist & #embedded systems.

For comparison:

• #YoctoLinux is quite #THICC in comparison (using LSB & #GNUtils for the most part!) and stuff like #OpenADK seems to be overly complex...

  • tho #Viprinet hasn't updated their stuff in like 8 years and I sincerely hope that's just them loginwalling access to #SourceCode like #grsecurity to paying customers only and not them such old Kernels.

Speaking of #grsec, I wounder if Bruce Perens actually sued them for allegedly violating #GPLv2 when in fact said license allows #paywalling aka. restricting access to buyers of the product it contains.

@ariadne I prefer #design-based approaches than #afterthoughts!

Sadly #grsecurity did kneecap themselves by #paywalling their shite!

Interestingly, all the people that say "#Copilot is violating my #Copyright!" and fanboy #BusyBox's hamfisted approach to #GPLv2 enforcement are really quiet when it comes to enforcing #GPLv2 against #RedHat or #grsecurity...

#NotLegalAdvice but maybe it's because only those that bought the final product are entitled to the #SourceCode and #learning isn't #CopyrightInfringement because otherwise we'd all be lifelong #DebtPeons to #Schoolbook- & #Textbook #authors or rather their Copyright-holding #publishers!

https://felixreda.eu/2021/07/github-copilot-is-not-infringing-your-copyright/

@msw login- & paywalling sourcecode access may nit strictly be legal.

Sadly noone sued #grsecurity and other serial violators into compliance.