
Linux security devs are dropping 0-days to prove how their work is superior - adtac
https://twitter.com/grsecurity/status/933470948518481920
======
adtac
Quoting /u/hansoku-make from the /r/linux thread [1]:

This is beyond childish from both sides.

It started when Kees Cook (who recently became a target of one of Linus' rants
that was posted here a lot) gave a talk at the Linux Security Summit and
pointed out the superiority of their work over something like Grsecurity and
how it's much better audited. He tried to emphasize his point by 'disclosing'
what he thought was a 0-day in grsec code, apparently without talking to them
first.

Brad and his ego, who unsurprisingly respond in the same childish way now
drops a more severe 0-day on fucking Twitter to prove him wrong.

You know, this time, I thought Linus' rant was the other way around: I tend to
disagree with his technical stance but he was right with the personal attacks.
A lot of these people are immature up to a level where the carry out their
fights on the back of users.

[1]
[https://www.reddit.com/r/linux/comments/7ez9zc/apparently_li...](https://www.reddit.com/r/linux/comments/7ez9zc/apparently_linux_security_people_kees_cook_brad/)

~~~
nabla9
"Sorry for the strong words." – Linus Torvalds,
[https://lkml.org/lkml/2017/11/21/315](https://lkml.org/lkml/2017/11/21/315)

