-- Leo's gemini proxy
-- Connecting to gemini.techrights.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Posted in GNU/Linux, Kernel, Microsoft, Servers, Windows at 1:34 am by Dr. Roy Schestowitz
“Greed is not a financial issue. It’s a heart issue.”
–Andy Stanley
Summary: The Linux Foundation shows ‘love’ to actual GNU/Linux (the real thing) by apparently rejecting it and badmouthing it
WHEN selling the soul of Linux is more profitable than actually promoting this GPL-licensed kernel it’s not hard to understand how the Linux Foundation turned from a supposed ‘charity’ to a massive enterprise and near-monopoly in that space (e.g. events/conferences).
They ‘own’ Linux.com. They control or manage the Linux trademark. So why would they link to anti-Linux stories (authored by “swapnilbhartiya” yesterday)? Because they just do and most of them don’t even use Linux! As someone put it yesterday:
>
>
> If you go to any winduhs (Linux) Foundation event you can see Macs everywhere. No GNU/Linux in sight. Anywhere. Wasn't like that when they started in the first year.
>
> — SleepyPenguin (@SleepyPenguin1) July 16, 2019
>
You go to Google, you look for “Linux” news, a site called Linux.com then shows up with anti-Linux material (this isn’t about Linux but bad devices/users). Well done, Swapnil and Jim. The articles posted nowadays in Linux.com give room for concern. Misleadingly-titled FUD.
“You go to Google, you look for “Linux” news, a site called Linux.com then shows up with anti-Linux material (this isn’t about Linux but bad devices/users).”We’ve meanwhile noticed lots of spammy blog posts (yesterday, Sysadmin Day) from the Linux Foundation in various “Linux” blogs. “Linux Security Blog” participated and “It’s FOSS” did so too. Linux Journal said (in the headline) that “the Linux Foundation Is Having a Sysadmin Day Sale,” adding a promotional link with what seems like tracking/referral code. But that in itself isn’t the issue. It seems like the site in question uses Windows for the server, but we’re not entirely sure. It’s very well disguised (see IRC discussion at the bottom).
It would not be unprecedented for the Linux Foundation to use Windows; applicants apply for a job there using LinkedIn (Microsoft), as we’ve noted before and there’s a lot of Microsoft stuff used by the Foundation’s staff (see discussion below; I know this from my old interactions with Foundation staff). Over the past months I’ve had to resort to humour just to get the point across without offending the offenders, for example:
>
>
> 2019: where do you work?A: I work for the Linux Foundation.What's that?A: it's some operating system something…Ah, I see…A: OK, let me go back to my Facebook wall on my Mac…
>
> — Dr. Roy Schestowitz (罗伊) (@schestowitz) July 17, 2019
>
Yesterday I also noticed this text: “Have directly led revenue growth from $20MM to $50MM, from $80MM to $100MM…”
No, that’s not the Foundation’s chief Jim Zemlin (who sold out Linux… for his 'nonprofit' to make about $100,000,000 per year). That’s what his wife’s LinkedIn profile says. It’s all about money and both strive to grow in just one respect: money! From 20 million to 100 million. What is being achieved? Nothing. A Windows-powered and Mac-powered ‘Linux’ Foundation (Linux only in name). █
“Large corporations, of course, are blinded by greed. The laws under which they operate require it – their shareholders would revolt at anything less.”
–Aaron Swartz
schestowitzHelp needed! Am I crazy or is this site WINDOWS-powered? Help me out here, geeks… https://cloud.email.thelinuxfoundation.org/SysadmindaYJul 17 01:52-TechrightsBot-tr/#techrights-cloud.email.thelinuxfoundation.org | NO TITLEJul 17 01:52schestowitzmy initial tests say yesJul 17 01:52schestowitzbased on more shallow testsJul 17 01:52schestowitzI might publish “Celebrates Sysadmin Day With a Microsoft Windows Site!”Jul 17 01:52schestowitzI mean, LF Celebrates Sysadmin Day With a Microsoft Windows Site!Jul 17 01:52schestowitzbut I am not yet 100% sure it”s Windows at the back endJul 17 01:53schestowitzcould be mod-speling [sic] in ApacheJul 17 01:53schestowitzhttps://identity.linuxfoundation.org/checkout/540473Jul 17 01:54-TechrightsBot-tr/#techrights- ( status 404 @ https://identity.linuxfoundation.org/checkout/540473 )Jul 17 01:54schestowitzalso this..Jul 17 01:54schestowitzhttps://identity.linuxfoundation.org/checkoUt/540473Jul 17 01:54-TechrightsBot-tr/#techrights- ( status 404 @ https://identity.linuxfoundation.org/checkoUt/540473 )Jul 17 01:54schestowitznote caseJul 17 01:54schestowitzstill works with the token hereJul 17 01:54schestowitzbloody hell!Jul 17 01:55schestowitzLF…. you also apply for a job there using LinkedIn (Microsoft)Jul 17 01:55XRevan86https://identity.linuxfoundation.org/checkoUt/540473 – VarnishJul 17 01:56XRevan86The first link is served by something else. But it won’t tell by which.Jul 17 01:57schestowitzcan you check with me?Jul 17 01:57schestowitzthis is importantJul 17 01:57XRevan86It’s not HTTP/2 capable.Jul 17 01:58XRevan86https://cloud.email.thelinuxfoundation.org/Jul 17 01:59-TechrightsBot-tr/#techrights- ( status 403 @ https://cloud.email.thelinuxfoundation.org/ )Jul 17 01:59XRevan86The 403 page looks like something done by Apache TomcatJul 17 01:59schestowitzI did the same thingJul 17 02:00schestowitzwhy is the site case insensitive?Jul 17 02:00schestowitzAlso, see page sourceJul 17 02:00schestowitzlots of “MS” bitsJul 17 02:00schestowitzI want to be 100% sure we don’t get the story, if any at all, wrongJul 17 02:00XRevan86schestowitz: Maybe they configured case-insensitive matchingJul 17 02:01XRevan86It is peculiar.Jul 17 02:02schestowitzno clues in http headers?Jul 17 02:03schestowitzAges ago, more than 10 years, I had FF extensions for thatJul 17 02:03schestowitzbefore Mozilla killed xulJul 17 02:03XRevan86schestowitz: Not even a Server header.Jul 17 02:03XRevan86schestowitz: Firefox’s devtools can do the job.Jul 17 02:04XRevan86but I test with curlJul 17 02:04schestowitzany other tricks we can employ?Jul 17 02:04schestowitzThis is a big deal if it turns out to be windowsJul 17 02:04XRevan86If I had experience with Windows servers, maybe I’d know what to look for…Jul 17 02:04XRevan86or with Java servers for that matter…Jul 17 02:05XRevan86I know https://linux.org.ru/ is using Tomcat, and it is case-sensitive.Jul 17 02:05-TechrightsBot-tr/#techrights-LINUX.ORG.RU — Русская информация об ОС LinuxJul 17 02:05XRevan86https://www.linux.org.ru/gallery/ – GalleryJul 17 02:05-TechrightsBot-tr/#techrights-www.linux.org.ru | ГалереяJul 17 02:05XRevan86https://www.linux.org.ru/Gallery/ – 404Jul 17 02:05-TechrightsBot-tr/#techrights- ( status 404 @ https://www.linux.org.ru/Gallery/ )Jul 17 02:05XRevan86schestowitz: But maybe it is really mod_spelingJul 17 02:08XRevan86and they then just turned off HTTP headers that give away configurationJul 17 02:08XRevan86At least we know it’s Java and not ASP.NETJul 17 02:09schestowitzwhich domain?Jul 17 02:11XRevan86cloud.email.thelinuxfoundation.orgJul 17 02:11cubexyzcheck with netcraft?Jul 17 02:12-viera/#techrights-Tux Machines: Proxmox VE 6.0 released! http://www.tuxmachines.org/node/125966 [https://pleroma.site/objects/f3b82e95-d9ea-42e1-b380-6be86812a61b]Jul 17 02:12XRevan86cubexyz: Doesn’t tell anything of interest.Jul 17 02:13schestowitzI thought about itJul 17 02:13schestowitzbut did not do itJul 17 02:13schestowitzas I thought it might not even be on their radar yetJul 17 02:13cubexyzmerely says “unknown”Jul 17 02:13schestowitzseems like a new site or some internal “office” crapJul 17 02:13schestowitzhow else can we test?Jul 17 02:14schestowitzI don’t want to get the story wrong, that’s allJul 17 02:14XRevan86> OS: F5 BIG-IPJul 17 02:14XRevan86It did say that thoughJul 17 02:14schestowitzas that can be used to discredit everything we ever said re LFJul 17 02:14XRevan86How can it tell?Jul 17 02:14cubexyzthere’s wappalyzerJul 17 02:14schestowitzcan you have a go at it?Jul 17 02:14cubexyzsureJul 17 02:14schestowitzMaybe they have the OS quite wellJul 17 02:14schestowitzmind you, they use LOTS of MSFT internalluyJul 17 02:15schestowitzI know this from their PR repJul 17 02:15schestowitzbut demonstrating it, like link with proof, would help…Jul 17 02:15cubexyzmysql, php, wordpress, OWL, bootstrap, jqueryJul 17 02:17XRevan86cubexyz: I doubt thatJul 17 02:17XRevan86there’s no wordpress thereJul 17 02:17-viera/#techrights-Tux Machines: Univention Corporate Server 4.4-1/Point Release UCS 4.4-1: performance improvements, app recommendations and UDM REST API Beta http://www.tuxmachines.org/node/125967 [https://pleroma.site/objects/94f199ef-a04b-473c-a4a1-288f05bf6166]Jul 17 02:18schestowitzcubexyz: does not look like wordpressJul 17 02:19schestowitzeven if you look at page sourceJul 17 02:19schestowitzit looks like a really poorly-made CMS of some kindJul 17 02:19schestowitzbut I want to know the USJul 17 02:20XRevan86WordPress is PHP.Jul 17 02:20schestowitzOSJul 17 02:20cubexyzno idea, just saying what wappalyzer saysJul 17 02:20XRevan86This is Java.Jul 17 02:20schestowitzI imagine the CMS is proprietary anywayJul 17 02:20schestowitzhttps://twitter.com/schestowitz/status/1151297943745568768Jul 17 02:21-TechrightsBot-tr/#techrights-@schestowitz: We are the LINUX FOUNDATION We OWN Linux dot com! We link to anti -Linux stories Because we just do (and we don’t e… https://t.co/UoJrMddR6KJul 17 02:21-TechrightsBot-tr/#techrights-@schestowitz: We are the LINUX FOUNDATION We OWN Linux dot com! We link to anti -Linux stories Because we just do (and we don’t e… https://t.co/UoJrMddR6KJul 17 02:21schestowitzhttps://twitter.com/schestowitz/status/1150987858083295232Jul 17 02:21-TechrightsBot-tr/#techrights-@schestowitz: “swapnilbhartiya” at #zemlinpac continues using the site LINUX dot com to promote #microsoft crap. [facepalm] https://t.co/BOIY5nmFWUJul 17 02:21-TechrightsBot-tr/#techrights–> Aqua Security Launches Microsoft Azure Marketplace Private Offers | Linux.com | The source for Linux informationJul 17 02:21XRevan86I don’t think there’s a way to tellJul 17 02:24cubexyzthelinuxfoundation.org runs nginx on linuxJul 17 02:25cubexyzaccording to netcraftJul 17 02:25XRevan86Does plain Tomcat support “Content-Encoding: gzip”?Jul 17 02:25schestowitzThat would make sense for the main siteJul 17 02:25schestowitzbut for sales etc.Jul 17 02:25schestowitznot sureJul 17 02:25XRevan86And they’re using AWSJul 17 02:27schestowitzthat’s not unusualJul 17 02:27schestowitzwould be worse if they used MSAzureJul 17 02:28XRevan86That’d make my dayJul 17 02:28XRevan86Port scanning (nmap) revealed only that whoever configured cloud.email.thelinuxfoundation.org configured the firewall restrictivelyJul 17 02:29XRevan86At least ICMP is openJul 17 02:30XRevan8680, 113, 443, nothing elseJul 17 02:30-viera/#techrights-Tux Machines: Network Security Toolkit 30-11210 http://www.tuxmachines.org/node/125968 [https://pleroma.site/objects/ec0ec5d4-88eb-4a05-9512-c9c86c76140a]Jul 17 02:31XRevan86The main site has IPv6, cloud.email. doesn’t.Jul 17 02:31schestowitzI guess we still don’t know what it runsJul 17 02:33schestowitzand the checkout (identity) partJul 17 02:33schestowitzthey got some company from the outside to do itJul 17 02:33schestowitzand maybe it’s not LinuxJul 17 02:33XRevan86It’s most likely Linux just because the odds are generally in that direction.Jul 17 02:34XRevan86Who’d deploy a Java website on Windows? Some kind of insane Microsoft fan I guess. But then, why not ASP.NET?Jul 17 02:34schestowitzdon’t bet on kt!Jul 17 02:34schestowitzit!Jul 17 02:34schestowitzThis is the LFJul 17 02:34XRevan86oh noJul 17 02:37XRevan86I’ve checked nmap’s capabilitiesJul 17 02:37XRevan86-O: Enable OS detectionJul 17 02:37XRevan86-sV: Probe open ports to determine service/version infoJul 17 02:37XRevan86> 443/tcp open ssl/upnp Microsoft IIS httpdJul 17 02:37XRevan86Guess flipping whatJul 17 02:37XRevan86> Running (JUST GUESSING): F5 Networks embedded (93%), F5 Networks TMOS 11.6.X (87%), OpenBSD 4.X (87%)Jul 17 02:38XRevan86> OS CPE: cpe:/o:f5:tmos:11.6 cpe:/o:openbsd:openbsd:4.0Jul 17 02:38XRevan86> Aggressive OS guesses: F5 BIG-IP Edge Gateway (93%), F5 BIG-IP Local Traffic Manager load balancer (TMOS 11.6) (87%), OpenBSD 4.0 (87%Jul 17 02:38XRevan86Just like netcraft, it thinks it’s most likely something from F5Jul 17 02:38XRevan86but HTTP server probing gave a better ideaJul 17 02:39XRevan86schestowitz: Good thing I didn’t bet.Jul 17 02:39XRevan86You seem speechless %)Jul 17 02:40cubexyzisn’t port 443 just HTTP over SSL… not necessarily M$ Jul 17 02:41XRevan86cubexyz: That’s “-sV: Probe open ports to determine service/version info”Jul 17 02:41XRevan86that’s its guessJul 17 02:42cubexyzhmmm, yeah Jul 17 02:43cubexyzdoesn’t look goodJul 17 02:44schestowitzmaybe I will publish IRC noted to accompany thisJul 17 02:44schestowitz*IRC notesJul 17 02:44schestowitzas we are not sureJul 17 02:44schestowitzGet a load of this todayJul 17 02:44schestowitzhttps://www.redhat.com/en/blog/microsoft-and-red-hat-inspiredJul 17 02:44-TechrightsBot-tr/#techrights-www.redhat.com | Microsoft and Red Hat, inspiredJul 17 02:44XRevan86schestowitz: The evidence is:Jul 17 02:45XRevan861. case-insensitivity for no apparent reasonJul 17 02:45XRevan862. nmap -sV cloud.email.thelinuxfoundation.org guesses HTTP is handled by “Microsoft IIS httpd”Jul 17 02:45schestowitzI think it is probableJul 17 02:46schestowitzas soon as I saw the site and then the structure (marketing cruft appended to URL)Jul 17 02:47schestowitzThen I checked page sourceJul 17 02:47schestowitzBeen there, seen that… red flagsJul 17 02:47schestowitzAlso “cloud” Jul 17 02:47schestowitzI know they used MS for office thingsJul 17 02:47schestowitzlike in-office commsJul 17 02:47schestowitzTheir PR reps used that to communicate with me ages agoJul 17 02:47schestowitzDan Brown and others…Jul 17 02:48XRevan86https://cloud.email.thelinuxfoundation.org/SYSADM~1/ well, at least this didn’t work Jul 17 02:49-TechrightsBot-tr/#techrights- ( status 400 @ https://cloud.email.thelinuxfoundation.org/SYSADM~1/ )Jul 17 02:49schestowitzjoke or some element of truth to it?Jul 17 02:50cubexyzdidn’t M$ give the win7 code to russia recently?Jul 17 02:50schestowitzI get the jokeJul 17 02:50cubexyzor not recently… it may have been a while agoJul 17 02:50XRevan86https://github.com/irsdl/IIS-ShortName-Scanner some element of truth to itJul 17 02:51-TechrightsBot-tr/#techrights-GitHub – irsdl/IIS-ShortName-Scanner: latest version of scanners for IIS short filename (8.3) disclosure vulnerabilityJul 17 02:51XRevan86Tried using https://nmap.org/nsedoc/scripts/http-iis-short-name-brute.html, no effect.Jul 17 02:56-TechrightsBot-tr/#techrights-nmap.org | http-iis-short-name-brute NSE ScriptJul 17 02:56XRevan86StackOverflow isn’t either.Jul 17 02:57XRevan86nmap -sV detects Varnish on StackOverflowJul 17 02:59XRevan86> via: 1.1 varnishJul 17 02:59XRevan86I thought they’re on Windows ServerJul 17 02:59schestowitzno, not likelyJul 17 02:59schestowitzthe (co)founder has some MSFT connectionsJul 17 02:59schestowitzbooks etc.Jul 17 02:59schestowitzCodingHorror guyJul 17 03:00schestowitzthe site, however, isn’t so… and he clarified to me he never worked for Microsoft directlyJul 17 03:00XRevan86Wikipedia states that Stack Overflow is written in C#Jul 17 03:00XRevan86Considering that .NET Core is a very new thing, it is most likely on Windows.Jul 17 03:01XRevan86https://en.wikipedia.org/wiki/Stack_Overflow#TechnologyJul 17 03:01-TechrightsBot-tr/#techrights-en.wikipedia.org | Stack Overflow – WikipediaJul 17 03:01XRevan86I guess they have a separate server as a reverse proxy for security and reliability.Jul 17 03:01XRevan86it is also case-insensitiveJul 17 03:03XRevan86no Varnish will change that Jul 17 03:03schestowitzthat’s quite commonJul 17 03:03XRevan86So yea, nmap detected it right.Jul 17 03:03schestowitzonly hours ago at work I deat with Jul 17 03:03XRevan86it figured it’s Varnish, and it isJul 17 03:03schestowitzapache behind nginx, on Ubuntu/DebianJul 17 03:04schestowitzno varnishJul 17 03:04schestowitznginx stuff as reverse proxy Jul 17 03:04XRevan86schestowitz: Apache httpd is redundant in this case in most cases.Jul 17 03:04schestowitzalso helps hide fro probers like nmapJul 17 03:04XRevan86schestowitz: The Stack Overflow is different in that they have to get a separate server to do the job.Jul 17 03:05XRevan86Because Varnish reportedly doesn’t work on Windows.Jul 17 03:05XRevan86* The Stack Overflow caseJul 17 03:05XRevan86schestowitz: nginx in front of Apache httpd introduces almost no overhead.Jul 17 03:06schestowitzyes, or a VMJul 17 03:06schestowitzit does not have to run on the host/backendJul 17 03:06XRevan86So… why wouldn’t you, rightJul 17 03:06schestowitzyou could even run it as a VM under WindowsJul 17 03:07XRevan86schestowitz: True, but I doubt that’s very efficient either.Jul 17 03:07XRevan86It’s a high-load website.Jul 17 03:08-viera/#techrights-Tux Machines: Seven Concerns Open Source Should Worry About – Part 1 http://www.tuxmachines.org/node/125969 [https://pleroma.site/objects/387bf941-25b0-41b6-be31-c401127a895f]Jul 17 03:09XRevan863. they don’t bother this much on the main website to hide set-up informationJul 17 03:12XRevan86Overall it looks like it was an outsource job, and no one cared enough to do it differently. But cared enough to cover the tracks a little bit.Jul 17 03:14XRevan86If they really wanted to hide the fact that this is Windows, they’d reverse proxy it.Jul 17 03:15XRevan86But I guess since it’s likely not in their network (I didn’t check), the overhead from proxying is unpleasant.Jul 17 03:16-viera/#techrights-Tux Machines: Top 15 Best Forum Software For Linux in 2019 http://www.tuxmachines.org/node/125970 [https://pleroma.site/objects/f850f594-b34a-40fa-bf10-ee8544d1f956]Jul 17 03:18schestowitzmight be worth checking host locationJul 17 03:24schestowitzLF is in Portland IIRCJul 17 03:24schestowitzif not SFJul 17 03:24schestowitzI think it’s ambiguous and some are ‘home workers’Jul 17 03:24schestowitzI’m pretty sure Jim Zemlin isSF-based, or somewhere near in CAJul 17 03:24
Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
Permalink Send this to a friend
----------
➮ Sharing is caring. Content is available under CC-BY-SA.
-- Response ended
-- Page fetched on Mon May 6 16:38:37 2024