On Fri, May 12, 2017, at 16:38, Alex Efros wrote: > Hi! > > On Fri, May 12, 2017 at 09:10:43PM +0200, "Tóth Attila" wrote: > > Please take a look at on the reply of PaxTeam postend on the openwall > > mailing list: > > http://openwall.com/lists/kernel-hardening/2017/05/11/2 > > What's for? It's pointless. Only very few people are really interested > (i.e. not just curious) in knowing who is paid by which company for doing > what, who makes more real bugs, and who lies about something. > > The important questions about how to keep current level of protection for > individual/small business users and how users of some distributions like > Gentoo/Ubuntu/Android can be protected with GrSec/PaX are still > unanswered. > > While large companies may buy subscription for GrSec/PaX the mentioned > above categories of users can't (correct me if I'm wrong, please) - so > effectively the change in GrSec policy makes harm and punish mostly these > categories of users. If that's real GrSec/PaX goal - it's very sad but > they probably have rights to do this (except their public reasoning > doesn't match what they actually do, so probably there are some unsaid > reasoning exists too), but if it's not their real goal - then they > probably should provide some options for these categories of users too. > > -- > WBR, Alex.
Individuals can certainly request a quote -- I did -- their director of sales is very patient, considerate and accommodating. Unfortunately the price is quite a bit more than I can personally afford at present. I don't personally doubt PaXteam/Spenders stated reasoning. It appears they've encountered a quite aggravating situation with what may amount to plagiarists. The post Dr. Toth linked closely mirrored what I initially anticipated from observing kspp and the like from afar. I think they're in a crap situation and what they've done is one of the better of several bad options. So, I am considering the costs of alternative control environments for my personal systems, perhaps it will be worth the quoted price after all once I've assessed options. But, point being, if paying is not out of the question I think you should request a quote. -- 0x7D964D3361142ACF
