yeah, because they will absolutely shit up anything to do with linux with badvertizements and "features" that are bloated buggy spyware vulnerabilities and convince mouthebreathers to pay good money because porn and lottery seriously search for linux tutorials and you will see it happen. these greedy pigs will absolutely take advantage of all that free labor, put it inside a "walled garden" and convince schmucks and stupid investors their bullshit is gold and it takes money to make money.
One thing Gregg K-H has said that's important, is that all code submitted is signed off under the developer's personal name. They can't just hide behind a company. Those submissions are publicly searchable in the LKML until the end of human civilization. With the engineer's personal reputation on it, better code is promoted.
Nice. Not true but nice. I have worked on several Linux drivers, my name is not on any of them. The developer name is "awarded" to the chief developer. Drivers are a group effort by a team.
@@scottfranco1962 Then the chief developer is taking responsibility for the code that's submitted to the repo maintainer. That's just an added step of review and a plus.
@@krozareq no, that sounds very unusual and exploitative. In open source, it's generally considered very important that authorship and chain of custody to be attributed correctly. Even if the senior developer is taking responsibility for submitting the code on behalf of the junior, that is supposed to be denoted with git's sign-off mechanism. Each git commit can attach three or more names and email information: author, committer, and signed-off-by. And multiple people can be recorded in the signed-off-by field, as may happen in more complex situations.
@@yvrelna That would be true on the third-party module's repo, but not necessarily true on the Linux official repos. Especially not true on the LKML. Everyone should get credit though.
By the time anyone finds out about it its too late unfortunately. OR people ignore it and at worst they completely embrace it. Less people care about security than one might think, and its scary as hell.
More ironically, Microsoft has been the biggest reason that Linux is not running everywhere right now. Do not ever forget the FUD this company has produced. Since Bill Gates is gone and that monkey, it seems to be turning to the good side. But there are still minions out there that obstruct roll out of linux solutions in order to get vendor locked in again, because eventually, a bad working solution with microsoft needs a lot more support. But maybe that's the reason why Linux is so good, because for a long time it wasn't touched by them.
Every major cloud runs on linux. As have 1000’s of SaaS companies and providers for decades. Many don’t contribute back but many have. MS contributions aren’t particularly significant, in terms of “would Linux be a success or not”.
No, Microsoft has probably been a great push for Linux development because the source code of Windows is proprietary... meaning a lot of people and companies didn't like the idea of using and being hostage of an OS whose development is mainly dependent on whatever Microsoft's agenda may be at any point in time.
Big tech can't and won't stay away from Linux, whether we like or not, but at the end of the day, it's the Linux community, that decides to merge their contributions or not. Thanks for bringing this up, Nick 👍!
To a very small extent. 99% of all decisions that move Linux forward are made in the headquarters of the Linux dev HQ, SuSE GmbH, RedHat/IBM and Canonical.
If you were to deny them Linux, they suddenly have no good options for their own infrastructure. There is a reason Unix hasn't gotten much traction despite all the corporate forks of it, and Windows server just gets too... Annoying and expensive to deal with. Quite often you need 3rd party software to license and bolt onto Windows Server to do certain tasks, as the built in stuff is... crap. So yes, we are al in a MAD scenario here, the ship that we all need and can't sabotage :D
I agree with some comments in that the key lies in governance model more than in openness. Other open source projects like Chromium, WebKit or the AOSP have often suffered from a single entity - that makes the majority of contributions - deciding the roadmap, what info to share or disclose, etc. fully controlling development direction. As you showed Linux decision is made by literally dozens of directors, whose companies rarely exceed 5% of submitted code, all while supervised by non-profit foundation. It's really successful. No one can exert dominance.
You briefly touched on something I've talked about a lot. Considering that Linus isn't all in on the GPL, it's actually helped Linux with its popularity. Stallman's stringent attitude about open source is what turns a lot of companies off and has actually hurt the movement. If anyone deserves credit for Linux being as big of a thing as it is, it's Torvalds because of his attitude towards for-profit businesses. Otherwise, we might just have Mach and/or Hurd.
On the other side of the spectrum you have the most popular open source OS which is android, and android is hell. So while I like that most of my hardware is supported. I'm also thankful to the more stringent people in the movement for being able to access the trash can on my computer.
First of all, I don't condone Richard Stallman's attitude, whatever it is. But from what I gathered, he promotes free or libre software: not easy to use or install yet non-free, non-libre softwares. If I remember correctly, Stallman illustrated his point of view with his real experience: where he used to work, they had a printer with the source code of its driver accessible and modifiable. They happened to face from time to time a few problems. But since they had access to the code of the printer, they could manage to correct it and then improve it. From the moment the company of the printer started to offer its hardware without the source code of its hardware accessible and modifiable, with some "arbitrary" limitations on its use, every time a software problem arose, they were left at the mercy of that company or found it harder to correct the bugs and to make the hardware fit their needs. There are other experiences that made him understand the necessity of a free software philosophy. It's simply a problem of philosophy instead of a relational problem, at first to say the least.
@@DisplayLine6.13.9 From a technical standpoint, Android isn't completely open source. The base of it is, and you can make a completely open fork, but there's a lot of closed proprietary code that goes into it. And every customized version for a device you use will have plenty of closed source, such as Samsung's version of it. Further, for now at least, they use Linux for their kernel, so it's technically also a Linux distribution.
I really like open source and community driven Linux projects, but I recognize that private companies aren't a negative in itself and can substantially contribute to Linux too
The University of Minnesota had been banned from contributing to the Linux kernel by one of its maintainers after researchers from the school apparently knowingly submitted code with security flaws
I dont know about ethical. The largest Linux Players like Canonical, SuSE GmbH, RedHat/IBM have nothing to do with ethical. They do what works and what brings Profit to the company. Which is a normal thing for any company.
@@ArniesTech Just because they're not concerned with ethics, doesn't mean nothing they contribute to is ethical. People in the FSF camp would argue the binary blobs are unethical, and Canonical has done some shady stuff on the Ubuntu desktop, but I think most of us would agree that the Linux kernel and most of its ecosystem is still ethical at this point, even though amoral companies have been contributing to it for quite some time.
The biggest safeguard is only briefly mentioned, which is that it's not one or two companies involved, but a whole bunch of competitors; and as long as a process is maintained that ensures they can watch each other like hawks, then Linux doesn't even need to depend on Linus Torvalds (which is an important issue for younger people). Like science: don't trust scientists, trust the institution and the process.
No one knows what is the Linux kernel. In fact, due to so many big Chinese tech companies adding code, some of the documentation of that code is literally written in chinese.
You forgot about a research team pushing buggy code and waiting to see if the process catches it. They were subsequently banned, and I think you even did a video on this!
They don't submit buggy code. Instead they're testing wether it is possible to sneak a vulnerability through Linux merge review process. They're successful in this, the vulnerability got merged to the main branch. When they release their research findings about it, Linux maintainers doesn't take it kindly and decided to ban them. Edit: so to clarify, the code is not the research goals, the review process itself is what they're researching.
@@bltzcstrnx +1! You beat me to it! The only reason that the buggy code was detected is that the submitters told the maintainers about it. If they wouldn't have said anything, then that buggy code would still be in the main branch to this very day. Instead of thanking the research team for revealing a flaw in the process so that they could fix it and make Linux better, they chose to ban them for shattering the myth that all contributions are being thoroughly vetted for buggy/malicious code before being accepted into main line. It frightens me to think about how many other times this has possibly happened in the past with the submitters not alerting anyone. Come to think of it, has anybody actually performed a thorough audit on the full stack with published results? I hate to sound so negative, but you can never be too sure these days.
@@tornadot2025 They got what they deserved. If they wanted to do penetration testing like real professionals in the industry, they should have called up The Linux Foundation to set one up. They behaved like a threat actor and were rewarded as such.
@@sapphirefractal4506 That would've defeated the whole purpose. They were testing the entire structure and process, so nobody was supposed to know. If they were truly threat actors, then they would've never spoken up and stopped the code from officially making it into the next kernel release. They intentionally submitted laughably bad code to test whether anybody is actually vetting code submissions for bad and/or malicious code, and they proved that either nobody is really vetting it, or the ones vetting it are horrible at their job. So, did they get banned for being "threat actors", or did they get banned because they shattered yet another Linux myth and certain egos couldn't handle it?
the irony is that most of those non-linux companies dealing with hardware are also quite stingy when adding support for their own stuff. nvidia quickly became kryptonite for their gpus (also for wayland, hello? they became a blocker) and the tegra system aswell, and samsung hardly even documented their exynos stuff for example
FINALLY! I am going to make a Video on that. Linux is pumped with much needed money by big tech 🙏 From Linux-domestic Tech like SuSE, Canonical or Red Hat but also by the oh so "evil" ones like Microsoft, Google etc. Unlike some Linux diehard fans want to believe, its not built upon enthusiasm and passion of tinkerers in their basement. But huge huge money 💪
We can appreciate the money and resources big tech companies put into making linux better and still call them out when they spy on us or do other unethical things, I would much rather have no phone but until a serious foss alternative becomes mature I’m stuck with either ios or android and all the surveillance that entails
Yes, it is a bad thing, the companies like Redhat, Novel, Suse, Intel and especially Microsoft and Oracle have every incentive to make the entire Linux stack to be over engineered. Over engineered means difficult to maintain, difficult to maintain means you can only have established incumbent corporations (like the ones already developing it) having the resources to maintain bugs inherent o over engineered designs. Over engineered also means more of a performance overhead and Intel and AMD would be very happy if you bought a new CPU. You made a point of bureaucracy makes malevolence impossible. If so, how does that explain what happened in Europe between 1935 and 1945? The issue is a lot of engineers get lied about how great being a engineer is and think it's a "smart person blue collar job with smart person six figure", but it's an office job with office politics and pitching your ideas in power point. Engineers aren't the King's Blacksmiths, they're the King's generals. A lot of engineers have college debt to pay off or their expensive homes, a lot of Engineers are locked into upper middle class lifestyles because all of the Engineering jobs are in expensive areas. It's called "The golden handcuffs" and STEM jobs are full of them. Also, since something is over engineered, how the hell can a mere mortal search through millions of lines of code that if it had something malicious, it would probably be obfuscated kinda like hiding your porn in a folder called "Linux Isos"?
"I don't think the world is that evil." Oh, you sweet summer child. The entire argument hinges on the entire source code being not only available for review, but also actually being thoroughly reviewed by independent parties.
@@TheLinuxEXP They successfully got the shady code into the main branch without getting caught. The only reason anybody found out about it is because the submitters came forward and said something. If they didn't say anything, then that shady code would still be in the kernel right now.
I think it'd start to become a real problem for Linux (an many other things for that matter) the more monopolies form and the whole thing gets controlled by a handful of subsidiaries owned by the same mega corporation. Then, you'd only have one entity shaping one of the most successful open source project in all of tech to their will, and monopolies almost never have what you would call good intentions for anyone but themselves. So... let's hope that our governments anti-trust laws enough to avoid such a scenario... let's hope But as of now, it just looks like the contributions come from developers that require Linux, and just so happen that most developers all work in giant corporations because of course they do
And yet, desktop experience can be still improved a lot. Blind guess most of these contributions don't affect "GUI users", aside from hardware support. When I plug in TV via HDMI, only 30Hz mode is detected and stutters - on Windows 60 is available and is smooth. That's on Wayland, on X11 it's even worse. NVIDIA plz.
I think we need to draw the distinction between desktop and server. Companies aren't adding to desktop, they're adding to server. Yes, the kernel is the same but the impact is more felt on the server side than the desktop side.
desktop need proprietary s/w but linux community always say we don't need that S/W. why on earth would company develop sw that everybody say they don't need? if not for sever probably desktop don't even exist. linux community think companies are evil but companies are not evil. monopolies are evil. we have to watch for monopoly but not proprietary S/W or companies. proprietary sw can be a monopoly but util that happen, proprietary S/W are not enemies.
@@MrjinZin0902 That's an odd assumption. Linux is a perfectly good stand alone desktop OS. That's kind of like saying we don't need Windows 10 because we don't have any Windows enterprise servers in the farm. Two completely different sets of users with different requirements. Chrome OS is moderately successful and it's just a dedicated desktop distro served up from Google. There are two distinct communities - server and desktop - just as with Microsoft.
@@JimAllen-Persona if anybody don't contribute device drive, how can OS exist? not that different. if linux was used for desktop who want to contribute device driver? that's why liux had crappy graphic drivers. in past, server don't need good graphic driver but that has changed and desk also benefit from it. do you really think AMD and NVidia care about linux desktop user?
@@MrjinZin0902 I think they care deeply about it. Who is their customer? Someone who runs Linux server from command line? More than likely, especially NVIDIA, cares about the desktop user. AMD wants a piece of it because the market for Linux servers is pretty much Intel - undoubtedly some AMD I'll grant - but their customer base will be in desktop. I couldn't even tell you the hardware we run on - all of our hosts are VM's and the server runs VMware bare metal.
I've been leery of Linus lately. A few kernel releases ago he allowed telemetry to be added by Intel. It has to do with the ability to update firmware remotely I believe. All I know is that a decade ago the community would never have allowed it and now they embrace it. I wonder if Linus has much say at all anymore?
Nick, great video as always. I gotta say, you have become one of my favorite Linux creators. These news segments are extremely insightful; and it's nice to see someone with reasonable opinions on the Linux space Quick question, do you have a link to the full picture from this timestamp: 3:24 I really liked it but there are things that seem to be cut out
So, the minute that Linus steps off, Linux is doomed, noted, thanks! I also have to point out... what if something that is against the users is wanted by most corporations ? Like something to help tracking. They'll pass it no problem, then individually implement efficient telemetry and the normal user, not to mention that maybe even big companies, will be none the wiser.e
@@TheLinuxEXP While I agree with this for everything other than the kernel, (i.e. though Unix was forked to high heck, I'm having a hard time thinking of even one Linux kernel fork) there certainly have been, and, unfortunately, probably will continue to be anti-user patches that have made it into the kernel and will probably never come out. Intel's SDSI, (i.e. the kernel's equivalent of future BMW's "get used to paying monthly rent for every hardware feature in your car") was just merged in 5.18. I can't think of a more anti-user bit of functionality than having someone tell you that you can't use the hardware you bought to its greatest extent unless you pay them monthly fees, and yet, it went right in, without an ounce of hesitation. I have yet to see a distro that's using the theoretically-forked 5.18A+ family of kernels over the mainline ones as a result. So, while theoretically you're entirely right about open source and forking for everything other than the kernel, for the kernel itself, I'm afraid as a practical matter, once anti-user garbage goes in, we're just going to be using that anti-user garbage, whether we like it or not, no different than if it were a commercial OS. Show me a vibrant post-fork (no-longer) Linux, (let's be generous and call "vibrant" any such post-fork entity being used by even 5% of those using the mainline kernel) and I'll apologize and fully retract all the above.
@@TheLinuxEXP But what about the non-free firmware and blobs? Those are closed source, and they can't be audited. Couldn't the corporations just add some kind of tracking/telemetry functionality into that part of the system without it being detected? Just playing devil's advocate here.
But it also explains why MS retains a near-monopoly on desktop computing. And that the biggest inroad against that has come from Google's Chrome OS, based on Linux. The same for smartphones. Apple would be a monopolist were it not for Google using Linux to create Android.
The point of Open Source is to ensure transparent software development. This model makes it so we all benefit from the resources of these massive companies.
Linux Foundation, made for promoting Linux, but they don't even try to use Linux on desktops, so only way to have better linux desktop is to find a way to tell LF to work on better linux desktop, alongside KDE, GNOME and others. You don't need to push shady stuff to the kernel to make user life miserable, just don't focus on stuff Average Joe needs on their metal ;) Plus, some seats on LF makes me chills... Tencent? Winnie the Pooh approves, social credit +20 ;)
Russia and China are probably Linux best bet to be adopted by the masses. They're very keen on switching since Microsoft, Apple, and Google are US companies.
Hi Nick. Have you checked out the much greater speed Firefox runs at in Ubuntu 22.10. I SWEAR it is miles faster. They have done something? This deserves reporting. It made me switch to Firefox (best browser to get away from big tech) and I prefer it.
Great video Nick, and very informative! I would imagine that many Linux users watch this and then also wonder why isn't Linux on the Desktop more than it is. It comes down to one basic thing: OEMs are bound to installing Microsoft's Windows OS on new hardware, and that is how most users get an operating system on their PCs.
As long as they don't find some kind of a loophole to the free licence, I don't think it's particularly a problem. In fact I think it's good, because big tech brings the money into the open source software.
Actually, back in 2021, the University of Michigan was banned from uploading patches because someone had uploaded bad code. It was supposedly non functional and used as a test. Before that, I don't remember the specifics, but some "unknown" code was found in the kernel which no one knew how it got there. It was removed. There were no signs whatsoever as to who submitted it. Supposedly, it opened back doors. I think it was believed to have been one of the alphabet agencies (FBI, CIA, NSA, ONI, etc.).
Do you remember about when that mysterious piece of code was discovered? I did some googling trying to find any information about this, and all I could find was an NSA backdoor that doesn't seem to have been in the kernel, discovered in 2013 (bvp47), and a bit of code that was submitted but caught before it made it in, in 2003.
@@Friend- I cannot remember when it happened, but was a few years ago. Someone had discovered it, and there was nothing, not even a trace of who or when. Things like this don't just happen. The code opened a backdoor into the kernel if I remember correctly. I tried searching for it, but could not find it. I will keep searching. Without sounding like I have a tin foil hat on, but it could have been wiped by one of the three letter agencies.
As long as the community has the ultimate power over FOSS It'll be fine But vigillance is key here, remember what happened to Minix & LBRY (Look up intel-ME & Odysee not being pro-FOSS anymore)
The whole "anyone can fork it" is a pretty big lie. It makes many big corporations to maintain Linux, it's not like a bunch of people will be able to fork and maintain their own Linux it without an issue. It might be possible, but how likely it is for millions to migrate to a new OS?
This is not really a big deal. What is the big deal is that there is only 1 person keeping Linux open source, as soon as Linus Torvalds is gone MS owns all of Linux. They will acquire all the "rights." They have already added it to their OS. Embrace, extend, extinguish is MS's MO when dealing with competition.
The whole situation with how programming languages and open source projects function these days is extremely worrying. all source code for open source projects and required libraries I use, will be getting downloaded this weekend. ☁️ Just somebody elses computer.
It's not about having a “soul” as much as it is about signing disclosure agreements and having to go 1 vs 1 against a giant corporation with grade A Freemason lawyers not to mention not having media support to voice your whistle blowing because corporations pay their salaries directly and through ad revenue.
that's why people have concerns about systemd. however, as long as everything is open source and signed by real names, especially the kernel, I think we are OK to say that there couldn't be intentional back doors. Unintentional bug and intentionally postponed patch is a whole can of worms we shouldn't open ourselves.
So you answered what makes Linux. Can you next address what makes Unix, please? Also, is there an operating system out there being developed (or already developed and available to the public) in relation to how the open-ware philosophy once worked when Linux first became known?
This makes the third video from this channel in my recommends that has been basically a cry for attention drama post complete with click-baity title to ensure outrage. I will be remember this and will be letting the YT algorithm know how much I appreciate it.
I'd rather some large corporations put their money and effort into something we all can use for minimal cost, than for us to be required to use a proprietary platform like Windows or MacOS.
I'm okay with big tech in Linux as long as it's not ALL big tech all the time. The community has to have the final say. And besides, in capitalism, consolidation is a thing. Which means, sometimes people can't choose NOT to work for a big corpo.
I can think of another case of a company trying to add malicious code in Linux. Way back when Intel tried to convince then maintainer ot the /dev/random seed device Theodore Ts'o of implementing it so that it would rely only on the Intel CPU on-chip entropy pool, which the Snowden leaks later showed was considered a very viable attack vector to break SSL encrypted streams like HTTPS. Ts'o didn't buy Intel's arguments and implemented the random seed in the kernel by mixing from several pools of entropy, including the Intel instruction. After the Snowden leaks Ts'o even commented that he was relieved that he didn't trust Intel at all.
Linus realized what a lot of people don't - someone needs to get paid to do this work. It's the reason the Linux Kernel is as big as it is. People don't (normally) work on something like a kernel without getting paid and the amount of people who do are not enough to make it near as big as it is. Also, why am I not surprised Huawei tried to sneak something nasty into the kernel?
Google 5.2%. Facebook 3.6%. Pffft. The 'Unknown' at 6.6% and 5.3% are far more scarier than Intel's Management Engine and whatever AMD's equivalent are.
Very interesting, I learn from every video. Hey Nick how about some info in one of your videos about your background. Sounds like you were maybe a developer or worked for IT in some big company. You've probably talked about it in the past but I missed it.
It doesn't matter. Anyone with instruction set comprehension can write a kernel from scratch in assembler and call it something of their choosing. Linus Torvalds did it in the mid 1990's and it can be done again.
I was part of the team at IBM in 1999/2000 that made the pitch to the IBM Executives that we should invest Developer resources to accelerate Linux in the Enterprise space. That led to the creation of the IBM Linux Technology Center where teams of developers worked on a diverse range of Linux capabilities. IBM at the time did not want to be a Linux Distribution (That has obviously changed) as there was a concern that if there was an IBM Linux Distro that it would put off other companies from contributing to Linux. Which I think was a good move at the time. As part of the final decision, Linus Torvald was contacted and gave his go ahead, however he did lay out a number of areas that he wanted IBM developers to focus on. Many of them were very deep kernel types of projects where you really need someone with OS development skills to contribute and since IBM had many OS developers they had the skills to work deep in the code. It was a hard time to convince the Executives to pay a couple hundred developers to work on an OS that was essentially free and that IBM would not get money off of. But the result was that by contributing code that assisted Linux in accelerating Enterprise class features IBM was able to sell more hardware into the growing Linux Server Ecosystem. And of course sell Services to those companies. Behind the scenes IBM did help out many Distributions. SuSE probably being the largest one, where when they were on the verge of Bankruptcy IBM stepped in and convinced Novell to acquire them, which saved SuSE from disappearing. Of course Novell has since had its troubles and SuSE has gone through a number of different owners over the past few years. I had long left IBM when they acquired Red Hat. But given that Linux was well established by then and Red Hat was such a major player I would expect that the Linux community is not as concerned about IBM overly influencing the Kernel. This period of my career was a lot of fun. Especially being in on the ground floor and having a front row seat. P.S. Love IBM or Hate IBM, please don't make your replies into a Flame war.
Did you catch the story of Google deciding to deprecate JPEG-XL in Chrome? Complete BS, some of us were really looking forward to it and they've effectively killed it.
All of the big companies web sites and cloud services probably run on linux based servers. That is why they can even pay money to improve what they are using.
I think there is a BIG difference between open source developers being hired by big companies to work on open source projects, and the big companies projects having control on that project. The Linux kernel is a community project. No single companies control the direction of Linux development. That's why open source development model worked very well for them. The kernel developers get hired by different companies, but ultimately it's still the community who control the development, not the companies. But there are also projects like Android/AOSP or Chrome/Chromium, where there is one personality who exerts controls above everything else. Yes, it might be open source on paper, but there, outside contributions are only accepted if it aligns with the interest of that single company, and decisions by that single company goes unopposed. This is a much less healthy relationship.
As always, an intriguing question and content :) I actually wish more companies were interested in contributing more to down the level, to userspace where DEs and the individual applications exist.. As far as being evil.. if all companies decided to become extra evil, sure we're free to fork and go our own way but isnt it also true we'd also lose all these developers working on it? In theory forking always sounds so easy but then it turns out you also lose all the people that worked on this project. I'm reminded of of giant projects like Firefox where in theory you can fork any time but it's very hard to actually keep going. People even say browser are more complicated than whole operating systems 😮
The thing about big-tech contributions to userspace is that they have a great conflict of interest here. Linux is just a kernel they already rely on, so unless they can somehow replace it, they're essentially forced by the license to contribute valuable improvements back. Userspace isn't something they already use, nor even in their best interests to succeed. They want to flush their proprietary products like ChromeOS with money so that the open-source competitors like GNOME wouldn't be able to keep up.
@@rkvkydqf yep, i understand. there's just no incentive for most of them. the only ones i can clearly understand who would benefit from open source desktop succeeding are Valve and i think even they haven't been doing enough there.
8:54 I disagree, just look at Chromium. Chromium browsers are moving to manifest v3 which is almost entirely harmful, despite it being possible for someone to fork Chromium and improve the browser by removing telemetry, google services... wait, we have that already I have to wonder why Chromium seems to be different in this regard.
12:40 You can always label backdoors as "bugs" if they get discovered. I often don't understand my own code if I don't comment it properly, when I have to look at it just a few weeks later. And I don't even write heavy algorithm stuff. Imagine some heavily scientific code blocks that only few people on the planet are able to understand on the fly. The Huawei example is totally inappropriate as well. It's a Chinese company which competes not only against all the other Linux contributing corporations on the "free market" but which also got kicked in the a*s same year by the Trump administration. What I'm saying is, that all the other contributing corporations might look much closer on the code contributions from Russian or Chinese contributors. Whereas there are might be not sooo many high skilled, well paid or even volunteering commit "watchers" outside of those corporations. And again, even there are a lot of independent, high skilled observers, you still can (try to) obfuscate backdoors, even someone is watching. I'm pretty sure, there are whole departments (governmental and corporate) which work full time on such methods. The kernel has more than 50 Millions line of code! There are dozens of commits daily. I still prefer Linux over Microsoft and Apple (which I ditched for Ubuntu one year ago), mainly because it is open source and gives me the freedom to do with it what I might want to. But Open Source label alone does not provide any security if there aren't as many independent and virtuous observers as there are contributions from "evil" corporations.
You don't actually KNOW that they use what they develop. They could remove the patches/vulnerabilities or fix intended bugs before deploying their own Linux servers.
I really like the more pragmatic approach of the open-source model, it's great how most tools used for "data" (e.g. databases, frameworks, models) are open-source projects created or with contributions of Big Tech. Unfortunately this model is much more common with developer and IT related areas, in other areas open-source solutions is more a hit-and-miss, with way more misses than hits.
Heyy, can you make maybe a review about the best distros for scientific linux? Need one that is secure/ has lts and has all programs that are sometimes hard to install (salome, openfoam). Heard that fedora scientific is discontinued
If they respect the code, and if they don't try to insert backdoors or information collection, then I'd say having company hired programmers help improve the kernal is a great thing.
@@ArniesTech you're free to try. Even one of open-source developer said browser engine is too much to handle for community or individual. Most likely Linux is in the same situation in terms of complexities.
Yup, that is reality. The Linux kernel can be viewed as the ultimate collaboration project made of up of contributors working for their own interests.The fact that the companies need to openly contribute the source code and not a binary blob means anything they do is done in plain site so there's no hiding. Google would not let Microsoft hide telemetry gathering in the kernel to give them an unfair advantage and Microsoft wouldn't let Google do that for the same reasons. If they both decide to hide it together, there are too many other hands in the pot to stop them from getting those additions approved and if ALL the companies are up to that nonsense, Linus himself will shut it down. This begs the question, what happens when Linus Torvalds dies? Who will have the absolute authority to shutdown company shenanigans then and will they be trust worthy? Companies often outlive the lifetime of one human so who's to say they won't be up to their old tricks when Linus isn't around to protect it anymore?
Samsung's contribution makes me wonder why Samsung laptops' keyboard backlight and fingerprint sensor have no Linux drivers and therefore not useable on Linux. Those Samsung developers who contributed Linux code worked on Samsung's laptops, right?
thanks for the video, this is the best explanation of how Linux is developed. My family thinks I use an OS that is cobbled together by overweight people in their parent's basement. they don't believe that a big company would use it or help build it.
If it would only be one or two Big Tech companies who effectively make Linux, I would say yes. But because basically EVERY Big Tech companies (well, besides Apple) and a lot more tech companies make Linux, no.
Silly question, but still : what would any big tech company have to gain by trying to "take over" Linux, when they could easily just fork BSD? I mean, that's basically what NeXT/Apple did, and it didn't turn out too bad for them. Actually, I'm quite curious about the rationale behind Google's choice to go with the Linux kernel instead of using BSD.
Make sure your PHP applications stay relevant for longer: bit.ly/3VnYqJn
yeah, because they will absolutely shit up anything to do with linux with badvertizements and "features" that are bloated buggy spyware vulnerabilities and convince mouthebreathers to pay good money because porn and lottery
seriously search for linux tutorials and you will see it happen. these greedy pigs will absolutely take advantage of all that free labor, put it inside a "walled garden" and convince schmucks and stupid investors their bullshit is gold and it takes money to make money.
It's a BIG problem.
The answer is yes
One thing Gregg K-H has said that's important, is that all code submitted is signed off under the developer's personal name. They can't just hide behind a company. Those submissions are publicly searchable in the LKML until the end of human civilization. With the engineer's personal reputation on it, better code is promoted.
Absolutely!
Nice. Not true but nice. I have worked on several Linux drivers, my name is not on any of them. The developer name is "awarded" to the chief developer. Drivers are a group effort by a team.
@@scottfranco1962 Then the chief developer is taking responsibility for the code that's submitted to the repo maintainer. That's just an added step of review and a plus.
@@krozareq no, that sounds very unusual and exploitative. In open source, it's generally considered very important that authorship and chain of custody to be attributed correctly.
Even if the senior developer is taking responsibility for submitting the code on behalf of the junior, that is supposed to be denoted with git's sign-off mechanism.
Each git commit can attach three or more names and email information: author, committer, and signed-off-by. And multiple people can be recorded in the signed-off-by field, as may happen in more complex situations.
@@yvrelna That would be true on the third-party module's repo, but not necessarily true on the Linux official repos. Especially not true on the LKML. Everyone should get credit though.
If Big Tech takes control of Linux, we can always fork it.
That’s why open-source projects are great!
Exactly!
lol? no you can't. if they take control, it will no longer be open source. they will even take previous versions down.
@@ETHANR26 But that's not possible tho
@@LightOffArchives lol? people said distributing untested shots to the world wasn't possible and would never happen, less than 5 years ago.
@@ETHANR26 No, they can't
As long as no corporate completely owns Linux and puts backdoors then it's fine
Yep!
I agree
Or corporations that are basically arms of a certain state.
@@Ghfvhvfg why is that?
By the time anyone finds out about it its too late unfortunately. OR people ignore it and at worst they completely embrace it. Less people care about security than one might think, and its scary as hell.
Ironically Microsoft has probably been a great push for Linux development considering they literally need it for Azure to run correctly
More ironically, Microsoft has been the biggest reason that Linux is not running everywhere right now.
Do not ever forget the FUD this company has produced. Since Bill Gates is gone and that monkey, it seems to be turning to the good side. But there are still minions out there that obstruct roll out of linux solutions in order to get vendor locked in again, because eventually, a bad working solution with microsoft needs a lot more support.
But maybe that's the reason why Linux is so good, because for a long time it wasn't touched by them.
Every major cloud runs on linux. As have 1000’s of SaaS companies and providers for decades.
Many don’t contribute back but many have.
MS contributions aren’t particularly significant, in terms of “would Linux be a success or not”.
True
No, Microsoft has probably been a great push for Linux development because the source code of Windows is proprietary... meaning a lot of people and companies didn't like the idea of using and being hostage of an OS whose development is mainly dependent on whatever Microsoft's agenda may be at any point in time.
Big tech can't and won't stay away from Linux, whether we like or not, but at the end of the day, it's the Linux community, that decides to merge their contributions or not.
Thanks for bringing this up, Nick 👍!
To a very small extent. 99% of all decisions that move Linux forward are made in the headquarters of the Linux dev HQ, SuSE GmbH, RedHat/IBM and Canonical.
If you were to deny them Linux, they suddenly have no good options for their own infrastructure.
There is a reason Unix hasn't gotten much traction despite all the corporate forks of it, and Windows server just gets too... Annoying and expensive to deal with.
Quite often you need 3rd party software to license and bolt onto Windows Server to do certain tasks, as the built in stuff is... crap.
So yes, we are al in a MAD scenario here, the ship that we all need and can't sabotage :D
And if they got too heavy handed, a community would just evolve and fork away from the project and make their own version of the kernel.
I'm rather concerned about propietary things in firmware than Linux itself.
@@ArniesTech small side note: Intel is also part of that dev HQ
As long as they don't force their closed source version on you and me, it's welcomed.
In fact, the more the merrier.
I agree with some comments in that the key lies in governance model more than in openness. Other open source projects like Chromium, WebKit or the AOSP have often suffered from a single entity - that makes the majority of contributions - deciding the roadmap, what info to share or disclose, etc. fully controlling development direction.
As you showed Linux decision is made by literally dozens of directors, whose companies rarely exceed 5% of submitted code, all while supervised by non-profit foundation. It's really successful. No one can exert dominance.
Unless those companies are actually all drinking from the same kool-aid....
You briefly touched on something I've talked about a lot. Considering that Linus isn't all in on the GPL, it's actually helped Linux with its popularity. Stallman's stringent attitude about open source is what turns a lot of companies off and has actually hurt the movement. If anyone deserves credit for Linux being as big of a thing as it is, it's Torvalds because of his attitude towards for-profit businesses. Otherwise, we might just have Mach and/or Hurd.
On the other side of the spectrum you have the most popular open source OS which is android, and android is hell. So while I like that most of my hardware is supported. I'm also thankful to the more stringent people in the movement for being able to access the trash can on my computer.
First of all, I don't condone Richard Stallman's attitude, whatever it is. But from what I gathered, he promotes free or libre software: not easy to use or install yet non-free, non-libre softwares. If I remember correctly, Stallman illustrated his point of view with his real experience: where he used to work, they had a printer with the source code of its driver accessible and modifiable. They happened to face from time to time a few problems. But since they had access to the code of the printer, they could manage to correct it and then improve it. From the moment the company of the printer started to offer its hardware without the source code of its hardware accessible and modifiable, with some "arbitrary" limitations on its use, every time a software problem arose, they were left at the mercy of that company or found it harder to correct the bugs and to make the hardware fit their needs. There are other experiences that made him understand the necessity of a free software philosophy. It's simply a problem of philosophy instead of a relational problem, at first to say the least.
@@DisplayLine6.13.9 From a technical standpoint, Android isn't completely open source. The base of it is, and you can make a completely open fork, but there's a lot of closed proprietary code that goes into it. And every customized version for a device you use will have plenty of closed source, such as Samsung's version of it. Further, for now at least, they use Linux for their kernel, so it's technically also a Linux distribution.
I really like open source and community driven Linux projects, but I recognize that private companies aren't a negative in itself and can substantially contribute to Linux too
The University of Minnesota had been banned from contributing to the Linux kernel by one of its maintainers after researchers from the school apparently knowingly submitted code with security flaws
I fine with it as long as Linux is still free, ethical and open.
I dont know about ethical. The largest Linux Players like Canonical, SuSE GmbH, RedHat/IBM have nothing to do with ethical. They do what works and what brings Profit to the company. Which is a normal thing for any company.
@@ArniesTech Just because they're not concerned with ethics, doesn't mean nothing they contribute to is ethical. People in the FSF camp would argue the binary blobs are unethical, and Canonical has done some shady stuff on the Ubuntu desktop, but I think most of us would agree that the Linux kernel and most of its ecosystem is still ethical at this point, even though amoral companies have been contributing to it for quite some time.
@@Friend- Canonical doing shady stuff? There was another video made by The Linux Experiment...
The biggest safeguard is only briefly mentioned, which is that it's not one or two companies involved, but a whole bunch of competitors; and as long as a process is maintained that ensures they can watch each other like hawks, then Linux doesn't even need to depend on Linus Torvalds (which is an important issue for younger people). Like science: don't trust scientists, trust the institution and the process.
No one knows what is the Linux kernel. In fact, due to so many big Chinese tech companies adding code, some of the documentation of that code is literally written in chinese.
@@sophieedel6324 I think big US companies (and the US three-letter agencies) employ people who understand code and can read Chinese.
You forgot about a research team pushing buggy code and waiting to see if the process catches it. They were subsequently banned, and I think you even did a video on this!
They don't submit buggy code. Instead they're testing wether it is possible to sneak a vulnerability through Linux merge review process. They're successful in this, the vulnerability got merged to the main branch. When they release their research findings about it, Linux maintainers doesn't take it kindly and decided to ban them.
Edit: so to clarify, the code is not the research goals, the review process itself is what they're researching.
@@bltzcstrnx +1! You beat me to it! The only reason that the buggy code was detected is that the submitters told the maintainers about it. If they wouldn't have said anything, then that buggy code would still be in the main branch to this very day. Instead of thanking the research team for revealing a flaw in the process so that they could fix it and make Linux better, they chose to ban them for shattering the myth that all contributions are being thoroughly vetted for buggy/malicious code before being accepted into main line. It frightens me to think about how many other times this has possibly happened in the past with the submitters not alerting anyone.
Come to think of it, has anybody actually performed a thorough audit on the full stack with published results? I hate to sound so negative, but you can never be too sure these days.
@@tornadot2025 They got what they deserved. If they wanted to do penetration testing like real professionals in the industry, they should have called up The Linux Foundation to set one up. They behaved like a threat actor and were rewarded as such.
@@sapphirefractal4506 That would've defeated the whole purpose. They were testing the entire structure and process, so nobody was supposed to know. If they were truly threat actors, then they would've never spoken up and stopped the code from officially making it into the next kernel release. They intentionally submitted laughably bad code to test whether anybody is actually vetting code submissions for bad and/or malicious code, and they proved that either nobody is really vetting it, or the ones vetting it are horrible at their job.
So, did they get banned for being "threat actors", or did they get banned because they shattered yet another Linux myth and certain egos couldn't handle it?
the irony is that most of those non-linux companies dealing with hardware are also quite stingy when adding support for their own stuff. nvidia quickly became kryptonite for their gpus (also for wayland, hello? they became a blocker) and the tegra system aswell, and samsung hardly even documented their exynos stuff for example
FINALLY! I am going to make a Video on that. Linux is pumped with much needed money by big tech 🙏 From Linux-domestic Tech like SuSE, Canonical or Red Hat but also by the oh so "evil" ones like Microsoft, Google etc.
Unlike some Linux diehard fans want to believe, its not built upon enthusiasm and passion of tinkerers in their basement. But huge huge money 💪
We can appreciate the money and resources big tech companies put into making linux better and still call them out when they spy on us or do other unethical things, I would much rather have no phone but until a serious foss alternative becomes mature I’m stuck with either ios or android and all the surveillance that entails
Eh, it's more like Linux is built by the workers in those companies. They need Linux as a tool, and so they work on it and expand it.
And made them back more than they spent. You're welcome.
Yes, it is a bad thing, the companies like Redhat, Novel, Suse, Intel and especially Microsoft and Oracle have every incentive to make the entire Linux stack to be over engineered. Over engineered means difficult to maintain, difficult to maintain means you can only have established incumbent corporations (like the ones already developing it) having the resources to maintain bugs inherent o over engineered designs. Over engineered also means more of a performance overhead and Intel and AMD would be very happy if you bought a new CPU. You made a point of bureaucracy makes malevolence impossible. If so, how does that explain what happened in Europe between 1935 and 1945? The issue is a lot of engineers get lied about how great being a engineer is and think it's a "smart person blue collar job with smart person six figure", but it's an office job with office politics and pitching your ideas in power point. Engineers aren't the King's Blacksmiths, they're the King's generals. A lot of engineers have college debt to pay off or their expensive homes, a lot of Engineers are locked into upper middle class lifestyles because all of the Engineering jobs are in expensive areas. It's called "The golden handcuffs" and STEM jobs are full of them.
Also, since something is over engineered, how the hell can a mere mortal search through millions of lines of code that if it had something malicious, it would probably be obfuscated kinda like hiding your porn in a folder called "Linux Isos"?
One of the very best and most informative Linux channels. Thanks, Nick.
"I don't think the world is that evil." Oh, you sweet summer child.
The entire argument hinges on the entire source code being not only available for review, but also actually being thoroughly reviewed by independent parties.
Problem? Maybe. Necessary? Absolutely. There’s no way to make a secure kernel that can run on as many devices as Linux without company involvement.
Absolutely! That's part of why GNU Hurd never really went anywhere: being anto corporate means you only have individuals contributing, and no funding
As always its the personell and financial ressources that power everything. 💪🙏
8:40
@TheLinuxExperiment: "You would NEVER be reached by all that supposedly shady code"
University of Minnesota: "Hold my beer."
They got banned in a few days, I think it quite proves that shady code can't really last
@@TheLinuxEXP They successfully got the shady code into the main branch without getting caught. The only reason anybody found out about it is because the submitters came forward and said something. If they didn't say anything, then that shady code would still be in the kernel right now.
I think it'd start to become a real problem for Linux (an many other things for that matter) the more monopolies form and the whole thing gets controlled by a handful of subsidiaries owned by the same mega corporation. Then, you'd only have one entity shaping one of the most successful open source project in all of tech to their will, and monopolies almost never have what you would call good intentions for anyone but themselves.
So... let's hope that our governments anti-trust laws enough to avoid such a scenario... let's hope
But as of now, it just looks like the contributions come from developers that require Linux, and just so happen that most developers all work in giant corporations because of course they do
Central banks control the governments and corporations.
And yet, desktop experience can be still improved a lot. Blind guess most of these contributions don't affect "GUI users", aside from hardware support. When I plug in TV via HDMI, only 30Hz mode is detected and stutters - on Windows 60 is available and is smooth. That's on Wayland, on X11 it's even worse. NVIDIA plz.
I think we need to draw the distinction between desktop and server. Companies aren't adding to desktop, they're adding to server. Yes, the kernel is the same but the impact is more felt on the server side than the desktop side.
Yep! They don't really care about the desktop
desktop need proprietary s/w but linux community always say we don't need that S/W. why on earth would company develop sw that everybody say they don't need? if not for sever probably desktop don't even exist. linux community think companies are evil but companies are not evil. monopolies are evil. we have to watch for monopoly but not proprietary S/W or companies. proprietary sw can be a monopoly but util that happen, proprietary S/W are not enemies.
@@MrjinZin0902 That's an odd assumption. Linux is a perfectly good stand alone desktop OS. That's kind of like saying we don't need Windows 10 because we don't have any Windows enterprise servers in the farm. Two completely different sets of users with different requirements. Chrome OS is moderately successful and it's just a dedicated desktop distro served up from Google. There are two distinct communities - server and desktop - just as with Microsoft.
@@JimAllen-Persona if anybody don't contribute device drive, how can OS exist? not that different. if linux was used for desktop who want to contribute device driver? that's why liux had crappy graphic drivers. in past, server don't need good graphic driver but that has changed and desk also benefit from it. do you really think AMD and NVidia care about linux desktop user?
@@MrjinZin0902 I think they care deeply about it. Who is their customer? Someone who runs Linux server from command line? More than likely, especially NVIDIA, cares about the desktop user. AMD wants a piece of it because the market for Linux servers is pretty much Intel - undoubtedly some AMD I'll grant - but their customer base will be in desktop. I couldn't even tell you the hardware we run on - all of our hosts are VM's and the server runs VMware bare metal.
I've been leery of Linus lately. A few kernel releases ago he allowed telemetry to be added by Intel. It has to do with the ability to update firmware remotely I believe. All I know is that a decade ago the community would never have allowed it and now they embrace it. I wonder if Linus has much say at all anymore?
Intel did not add telemetry. They added a driver to access telemetry data from hardware devices.
Nick, great video as always. I gotta say, you have become one of my favorite Linux creators. These news segments are extremely insightful; and it's nice to see someone with reasonable opinions on the Linux space
Quick question, do you have a link to the full picture from this timestamp: 3:24
I really liked it but there are things that seem to be cut out
Thanks a lot! I found it already cropped by searching for "Linux architecture diagram"
So, the minute that Linus steps off, Linux is doomed, noted, thanks!
I also have to point out... what if something that is against the users is wanted by most corporations ? Like something to help tracking. They'll pass it no problem, then individually implement efficient telemetry and the normal user, not to mention that maybe even big companies, will be none the wiser.e
Nah, it would be noticed in 2 days and it woukd either be removed or the kernel would be forked
@@TheLinuxEXP While I agree with this for everything other than the kernel, (i.e. though Unix was forked to high heck, I'm having a hard time thinking of even one Linux kernel fork) there certainly have been, and, unfortunately, probably will continue to be anti-user patches that have made it into the kernel and will probably never come out. Intel's SDSI, (i.e. the kernel's equivalent of future BMW's "get used to paying monthly rent for every hardware feature in your car") was just merged in 5.18. I can't think of a more anti-user bit of functionality than having someone tell you that you can't use the hardware you bought to its greatest extent unless you pay them monthly fees, and yet, it went right in, without an ounce of hesitation. I have yet to see a distro that's using the theoretically-forked 5.18A+ family of kernels over the mainline ones as a result. So, while theoretically you're entirely right about open source and forking for everything other than the kernel, for the kernel itself, I'm afraid as a practical matter, once anti-user garbage goes in, we're just going to be using that anti-user garbage, whether we like it or not, no different than if it were a commercial OS.
Show me a vibrant post-fork (no-longer) Linux, (let's be generous and call "vibrant" any such post-fork entity being used by even 5% of those using the mainline kernel) and I'll apologize and fully retract all the above.
@@TheLinuxEXP But what about the non-free firmware and blobs? Those are closed source, and they can't be audited. Couldn't the corporations just add some kind of tracking/telemetry functionality into that part of the system without it being detected? Just playing devil's advocate here.
But it also explains why MS retains a near-monopoly on desktop computing. And that the biggest inroad against that has come from Google's Chrome OS, based on Linux. The same for smartphones. Apple would be a monopolist were it not for Google using Linux to create Android.
The point of Open Source is to ensure transparent software development. This model makes it so we all benefit from the resources of these massive companies.
Linux Foundation, made for promoting Linux, but they don't even try to use Linux on desktops, so only way to have better linux desktop is to find a way to tell LF to work on better linux desktop, alongside KDE, GNOME and others.
You don't need to push shady stuff to the kernel to make user life miserable, just don't focus on stuff Average Joe needs on their metal ;)
Plus, some seats on LF makes me chills... Tencent? Winnie the Pooh approves, social credit +20 ;)
Russia and China are probably Linux best bet to be adopted by the masses. They're very keen on switching since Microsoft, Apple, and Google are US companies.
companies moving to linux means more softwares directly available directly available on linux without wacky ways to run them
Hi Nick. Have you checked out the much greater speed Firefox runs at in Ubuntu 22.10. I SWEAR it is miles faster. They have done something? This deserves reporting. It made me switch to Firefox (best browser to get away from big tech) and I prefer it.
Great video Nick, and very informative! I would imagine that many Linux users watch this and then also wonder why isn't Linux on the Desktop more than it is. It comes down to one basic thing: OEMs are bound to installing Microsoft's Windows OS on new hardware, and that is how most users get an operating system on their PCs.
Great overview of how Linux is developed!
Thanks!
As long as they don't find some kind of a loophole to the free licence, I don't think it's particularly a problem. In fact I think it's good, because big tech brings the money into the open source software.
Microsoft employees themselves use Windows. But that doesn't stop them from adding all sorts of crappy stuff to the system.😄
Actually, back in 2021, the University of Michigan was banned from uploading patches because someone had uploaded bad
code. It was supposedly non functional and used as a test. Before that, I don't remember the specifics, but some "unknown"
code was found in the kernel which no one knew how it got there. It was removed. There were no signs whatsoever as to
who submitted it. Supposedly, it opened back doors. I think it was believed to have been one of the alphabet agencies (FBI,
CIA, NSA, ONI, etc.).
Do you remember about when that mysterious piece of code was discovered? I did some googling trying to find any information about this, and all I could find was an NSA backdoor that doesn't seem to have been in the kernel, discovered in 2013 (bvp47), and a bit of code that was submitted but caught before it made it in, in 2003.
@@Friend- I cannot remember when it happened, but was a few years ago. Someone had discovered it, and there was nothing, not even a trace of who or when. Things like this don't just happen. The code opened a backdoor into the kernel if I remember correctly.
I tried searching for it, but could not find it. I will keep searching. Without sounding like I have a tin foil hat on, but it could have been wiped by one of the three letter agencies.
Did you mean University of Minnesota? Because this is what UMN researchers did and got caught.
As long as the community has the ultimate power over FOSS
It'll be fine
But vigillance is key here, remember what happened to Minix & LBRY
(Look up intel-ME & Odysee not being pro-FOSS anymore)
1:50 Huawei technologies
10:35 shady
The whole "anyone can fork it" is a pretty big lie. It makes many big corporations to maintain Linux, it's not like a bunch of people will be able to fork and maintain their own Linux it without an issue. It might be possible, but how likely it is for millions to migrate to a new OS?
yes, especially in the future.
I'm looking forward to the Blackrock kernel patches to improve the ESG'ness of the kernel.
This is not really a big deal.
What is the big deal is that there is only 1 person keeping Linux open source, as soon as Linus Torvalds is gone MS owns all of Linux. They will acquire all the "rights." They have already added it to their OS. Embrace, extend, extinguish is MS's MO when dealing with competition.
They can't really do that
@@TheLinuxEXP they already did. next step is add source file and binary hashes to the piracy filter and block all uploads across all services.
The whole situation with how programming languages and open source projects function these days is extremely worrying.
all source code for open source projects and required libraries I use, will be getting downloaded this weekend.
☁️ Just somebody elses computer.
It's not about having a “soul” as much as it is about signing disclosure agreements and having to go 1 vs 1 against a giant corporation with grade A Freemason lawyers not to mention not having media support to voice your whistle blowing because corporations pay their salaries directly and through ad revenue.
Wasn't the team from university of Minnesota messing with the kernel just to test all this hierarchy? And then kicked off the Linux foundation?
that's why people have concerns about systemd. however, as long as everything is open source and signed by real names, especially the kernel, I think we are OK to say that there couldn't be intentional back doors. Unintentional bug and intentionally postponed patch is a whole can of worms we shouldn't open ourselves.
So you answered what makes Linux. Can you next address what makes Unix, please? Also, is there an operating system out there being developed (or already developed and available to the public) in relation to how the open-ware philosophy once worked when Linux first became known?
This makes the third video from this channel in my recommends that has been basically a cry for attention drama post complete with click-baity title to ensure outrage. I will be remember this and will be letting the YT algorithm know how much I appreciate it.
I'd rather some large corporations put their money and effort into something we all can use for minimal cost, than for us to be required to use a proprietary platform like Windows or MacOS.
Very interesting. Why does this make me nervous.
I'm okay with big tech in Linux as long as it's not ALL big tech all the time. The community has to have the final say.
And besides, in capitalism, consolidation is a thing. Which means, sometimes people can't choose NOT to work for a big corpo.
I can think of another case of a company trying to add malicious code in Linux. Way back when Intel tried to convince then maintainer ot the /dev/random seed device Theodore Ts'o of implementing it so that it would rely only on the Intel CPU on-chip entropy pool, which the Snowden leaks later showed was considered a very viable attack vector to break SSL encrypted streams like HTTPS. Ts'o didn't buy Intel's arguments and implemented the random seed in the kernel by mixing from several pools of entropy, including the Intel instruction. After the Snowden leaks Ts'o even commented that he was relieved that he didn't trust Intel at all.
*thrall* If you are in thrall to someone or something, or in the thrall of someone or something, he, she, or it has a lot of power to control you.
I don't think all of these people need to be evil for there to be a problem. There is a conflict of interest and I do think it is a problem.
Linus realized what a lot of people don't - someone needs to get paid to do this work. It's the reason the Linux Kernel is as big as it is. People don't (normally) work on something like a kernel without getting paid and the amount of people who do are not enough to make it near as big as it is.
Also, why am I not surprised Huawei tried to sneak something nasty into the kernel?
Google 5.2%. Facebook 3.6%. Pffft. The 'Unknown' at 6.6% and 5.3% are far more scarier than Intel's Management Engine and whatever AMD's equivalent are.
Very interesting, I learn from every video. Hey Nick how about some info in one of your videos about your background. Sounds like you were maybe a developer or worked for IT in some big company. You've probably talked about it in the past but I missed it.
It doesn't matter. Anyone with instruction set comprehension can write a kernel from scratch in assembler and call it something of their choosing. Linus Torvalds did it in the mid 1990's and it can be done again.
I was part of the team at IBM in 1999/2000 that made the pitch to the IBM Executives that we should invest Developer resources to accelerate Linux in the Enterprise space. That led to the creation of the IBM Linux Technology Center where teams of developers worked on a diverse range of Linux capabilities. IBM at the time did not want to be a Linux Distribution (That has obviously changed) as there was a concern that if there was an IBM Linux Distro that it would put off other companies from contributing to Linux. Which I think was a good move at the time. As part of the final decision, Linus Torvald was contacted and gave his go ahead, however he did lay out a number of areas that he wanted IBM developers to focus on. Many of them were very deep kernel types of projects where you really need someone with OS development skills to contribute and since IBM had many OS developers they had the skills to work deep in the code.
It was a hard time to convince the Executives to pay a couple hundred developers to work on an OS that was essentially free and that IBM would not get money off of. But the result was that by contributing code that assisted Linux in accelerating Enterprise class features IBM was able to sell more hardware into the growing Linux Server Ecosystem. And of course sell Services to those companies.
Behind the scenes IBM did help out many Distributions. SuSE probably being the largest one, where when they were on the verge of Bankruptcy IBM stepped in and convinced Novell to acquire them, which saved SuSE from disappearing. Of course Novell has since had its troubles and SuSE has gone through a number of different owners over the past few years.
I had long left IBM when they acquired Red Hat. But given that Linux was well established by then and Red Hat was such a major player I would expect that the Linux community is not as concerned about IBM overly influencing the Kernel.
This period of my career was a lot of fun. Especially being in on the ground floor and having a front row seat. P.S. Love IBM or Hate IBM, please don't make your replies into a Flame war.
Well... No, people won't move away - as seen with the introduction of systemd. To be fair: this is not a kernel issue...
Did you catch the story of Google deciding to deprecate JPEG-XL in Chrome? Complete BS, some of us were really looking forward to it and they've effectively killed it.
Microsoft, Google, Facebook we only missing Amazon and Apple to have the big 5 xd
All of the big companies web sites and cloud services probably run on linux based servers. That is why they can even pay money to improve what they are using.
I think there is a BIG difference between open source developers being hired by big companies to work on open source projects, and the big companies projects having control on that project.
The Linux kernel is a community project. No single companies control the direction of Linux development. That's why open source development model worked very well for them. The kernel developers get hired by different companies, but ultimately it's still the community who control the development, not the companies.
But there are also projects like Android/AOSP or Chrome/Chromium, where there is one personality who exerts controls above everything else. Yes, it might be open source on paper, but there, outside contributions are only accepted if it aligns with the interest of that single company, and decisions by that single company goes unopposed. This is a much less healthy relationship.
As always, an intriguing question and content :)
I actually wish more companies were interested in contributing more to down the level, to userspace where DEs and the individual applications exist..
As far as being evil.. if all companies decided to become extra evil, sure we're free to fork and go our own way but isnt it also true we'd also lose all these developers working on it? In theory forking always sounds so easy but then it turns out you also lose all the people that worked on this project. I'm reminded of of giant projects like Firefox where in theory you can fork any time but it's very hard to actually keep going. People even say browser are more complicated than whole operating systems 😮
The thing about big-tech contributions to userspace is that they have a great conflict of interest here. Linux is just a kernel they already rely on, so unless they can somehow replace it, they're essentially forced by the license to contribute valuable improvements back. Userspace isn't something they already use, nor even in their best interests to succeed. They want to flush their proprietary products like ChromeOS with money so that the open-source competitors like GNOME wouldn't be able to keep up.
@@rkvkydqf yep, i understand. there's just no incentive for most of them. the only ones i can clearly understand who would benefit from open source desktop succeeding are Valve and i think even they haven't been doing enough there.
8:54 I disagree, just look at Chromium. Chromium browsers are moving to manifest v3 which is almost entirely harmful, despite it being possible for someone to fork Chromium and improve the browser by removing telemetry, google services... wait, we have that already
I have to wonder why Chromium seems to be different in this regard.
UA-cam changed their UI. Nice.
It has to watched extremely carefully - we might loose control over freedom of open source.
Slackware is built by one guy!
dunno why you would mention red hat and ibm seperately as red hat is owned by ibm.
They still operate as separate entities
12:40 You can always label backdoors as "bugs" if they get discovered. I often don't understand my own code if I don't comment it properly, when I have to look at it just a few weeks later. And I don't even write heavy algorithm stuff. Imagine some heavily scientific code blocks that only few people on the planet are able to understand on the fly. The Huawei example is totally inappropriate as well. It's a Chinese company which competes not only against all the other Linux contributing corporations on the "free market" but which also got kicked in the a*s same year by the Trump administration. What I'm saying is, that all the other contributing corporations might look much closer on the code contributions from Russian or Chinese contributors. Whereas there are might be not sooo many high skilled, well paid or even volunteering commit "watchers" outside of those corporations. And again, even there are a lot of independent, high skilled observers, you still can (try to) obfuscate backdoors, even someone is watching. I'm pretty sure, there are whole departments (governmental and corporate) which work full time on such methods. The kernel has more than 50 Millions line of code! There are dozens of commits daily.
I still prefer Linux over Microsoft and Apple (which I ditched for Ubuntu one year ago), mainly because it is open source and gives me the freedom to do with it what I might want to. But Open Source label alone does not provide any security if there aren't as many independent and virtuous observers as there are contributions from "evil" corporations.
You don't actually KNOW that they use what they develop. They could remove the patches/vulnerabilities or fix intended bugs before deploying their own Linux servers.
One of the biggest mistakes was the sell of SuSE to Novell
There's a fatal error in the headline! Probably author meant that Linux Is Not made by big tech, or that big tech Made By linux..
Couldn't a company just add malicious code but use a patched version herself?
They're out then.
@@holl7w But secretly
Sure, it is open source, anyone can add malicious code on the devices they control.
Not gonna get trough without getting noticed, has already been tried
Good investigative journalism on Linux.
I really like the more pragmatic approach of the open-source model, it's great how most tools used for "data" (e.g. databases, frameworks, models) are open-source projects created or with contributions of Big Tech.
Unfortunately this model is much more common with developer and IT related areas, in other areas open-source solutions is more a hit-and-miss, with way more misses than hits.
Every hobby project needs the backing of a large entities to succeed in long term. Unless there’s a monopoly I guess it’s fine.
this shows the importance of licenses and the superiority of GPL/copyleft over permissive license
Heyy, can you make maybe a review about the best distros for scientific linux? Need one that is secure/ has lts and has all programs that are sometimes hard to install (salome, openfoam). Heard that fedora scientific is discontinued
If they respect the code, and if they don't try to insert backdoors or information collection, then I'd say having company hired programmers help improve the kernal is a great thing.
Saying Red Hat and IBM is a little redundant, no?
Not really, one owns the other, but they operate as separate entities
Please describe Linux "In a Nutshell".
I wonder what would happen if/when Torvalds quits or, God forbid, passes away. Is there a trustworthy next-in-line?
Linus isn’t even the lead maintainer
Red Hat is IBM. Red Hat also sucks.
Simple means to take a peek into someone else's work basically. The real useful and monetizable features would of course be kept proprietary.
I keep waiting for the day that MS throws the towel in the ring and starts building Windows based on a linux distro :-)
Money makes the world go around. It is what it is. At least Linux is open-source.
Linux has grown too big and as complex as windows that having it maintained by the open source community just isn't feasable
Why not?
Has it?
@@ArniesTech you're free to try. Even one of open-source developer said browser engine is too much to handle for community or individual. Most likely Linux is in the same situation in terms of complexities.
Yup, that is reality. The Linux kernel can be viewed as the ultimate collaboration project made of up of contributors working for their own interests.The fact that the companies need to openly contribute the source code and not a binary blob means anything they do is done in plain site so there's no hiding. Google would not let Microsoft hide telemetry gathering in the kernel to give them an unfair advantage and Microsoft wouldn't let Google do that for the same reasons. If they both decide to hide it together, there are too many other hands in the pot to stop them from getting those additions approved and if ALL the companies are up to that nonsense, Linus himself will shut it down.
This begs the question, what happens when Linus Torvalds dies? Who will have the absolute authority to shutdown company shenanigans then and will they be trust worthy? Companies often outlive the lifetime of one human so who's to say they won't be up to their old tricks when Linus isn't around to protect it anymore?
Samsung's contribution makes me wonder why Samsung laptops' keyboard backlight and fingerprint sensor have no Linux drivers and therefore not useable on Linux. Those Samsung developers who contributed Linux code worked on Samsung's laptops, right?
thanks for the video, this is the best explanation of how Linux is developed. My family thinks I use an OS that is cobbled together by overweight people in their parent's basement. they don't believe that a big company would use it or help build it.
If it would only be one or two Big Tech companies who effectively make Linux, I would say yes.
But because basically EVERY Big Tech companies (well, besides Apple) and a lot more tech companies make Linux, no.
Wonder who this unknown contributor is? 🤔
Silly question, but still : what would any big tech company have to gain by trying to "take over" Linux, when they could easily just fork BSD? I mean, that's basically what NeXT/Apple did, and it didn't turn out too bad for them.
Actually, I'm quite curious about the rationale behind Google's choice to go with the Linux kernel instead of using BSD.
is luks mean full disk encryption ?
FYI meta uses an android based os on the quest line of products.
I'm not sure how to take this.. hmmm..
As long as torvalds is alive it wont be an issue