Re: [security-discuss] gnuradio project DoS attacks GNU wget users

[Jean Louis]

On Wed, Mar 01, 2017 at 08:02:41AM -0500, Alfred M. Szmidt wrote:
>    > Works for Me.
>    > 
>    >   ~ $ wget http://gnuradio.org/releases/gnuradio/gnuradio-3.7.10.1.tar.gz
> 
>    If you use wget in the manner required by CloudFlare, Inc. and GNU
>    Radio Foundation, Inc., indeed there is no issue.
> 
>    But some of whome embrace freedom 0 don't want to be forced to use the
>    tools in a restricted capacity.  A privacy-proponent might want to use
>    wget over Tor, as follows: 
> 
> To use a program you have to have a copy of it, there is no obligation
> (be it ethical, moral or otherwise) on the distributor that they have
> to distribute a copy to you over your prefered means.

That is lack of police at the GNU project.

Best solution for any GNU parts and software would be that there is
clear policy on hosting.

I would propose that if the original project is hosted somewhere else,
but on GNU website, including Savannah and GNU FTP, then the copy of
software shall be served from GNU website or GNU FTP or Savannah, and
the original project may be served as they wish.

Downloading from Sourceforege like for example CLISP, GNU Common Lisp,
or downloading through Cloudfare, and other providers (Github), is not
reasonable for freedom loving users.

Also submitting bugs through Sourceforge that requires password, and
Github, is also not a reasonable expectation of GNU users.

And I just suppose that GNU and FSF would not block Tor users, when
software is served from their servers.

There shall be policy by GNU project that software shall be served
from GNU websites, regardless of the original website.

That way, there would be no disagreements.


Jean Louis