Linus Torvalds, creator of the Linux kernel, posted a nasty smackdown on security nerds and their obsession with security in the gmane.linux.kernel newsgroup. Linus is referring to security professionals who feel that security should be the only focus for bug fixes and patches.

His argument is that all bugs are equally important and security bugs are simply a part of the greater whole. Linus often posts his irritation with security experts in this newsgroup. In his most scathing reprimand of the security-focused, he states the following:

Security people are often the black-and-white kind of people that I can't
stand. I think the OpenBSD crowd is a bunch of masturbating monkeys, in
that they make such a big deal about concentrating on security to the
point where they pretty much admit that nothing else matters to them.

Linus also dislikes the whole media circus (and the media, in general, I gather) surrounding security because it glorifies and encourages the wrong behavior making heroes out of security people. He feels that his primary responsibility to the Linux Community is to do a good job in creating and maintaining a viable Linux kernel and not fall prey to the media feeding frenzies that take place every time a security vulnerability is discovered.

The bottom line is that the major maintainer of the Linux kernel, Linus himself, perceives bug fixes, which include so-called security fixes, as just that: Bug fixes. He doesn't separate or even explicity refer to security fixes because to him "They're all fixes. They're all important. As are new features, for that matter."

Linux is a registered trademark of Linus Torvalds.

9 Years
Discussion Span
Last Post by jwenting

how do you feel now, Linus, that people are exposing the gaping holes in your "secure" operating system?


At the Hacker's conference, it was never hacked. MacOS X fell first, then Vista, but never Linux. Maybe they don't know what they're doing.


Indeed. At such events it's mostly script kiddies working with ready made hacking kits. And the Windows (and these days MacOS versions) they're given as targets are lacking security updates.
The organisers have an agenda, and that's showing how bad Windows and Mac are compared to Linux.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.