On Wed, 21 Aug 2019 at 16:42, Richard Pospesel <richard@torproject.org> wrote:
> Yeah same, this convo went from 'wow an interesting discussion about allocators' to 'fuck you Tom' real quick and without provocation.
The email I replied to makes a bunch of false claims and attacks on my project. It was never a friendly conversation. It was a series of attacks and misleading claims which I had to go out of my way to counter. I was not subscribed to this list and had to figure out how to reply to a past thread to defend my work. If you got the impression that I was posting here to participate in an interesting discussion, you were wrong. I'm posting here because there was an incredibly offensive post attacking / dismissing what I've spent so much time working on from someone that hadn't even bothered to read the documentation explaining it. I don't want to be wasting my time here. I want to be doing useful privacy / security work and not having to keep defending my work from misinformation. My response is absolutely not without provocation. Every day, there are people attacking my work with misinformation. This is yet another case of it, and it happens to be from someone working at a company with an unresolved conflict with me where they took advantage of me and substantially harmed me. This is not the only case that I've had to defend myself or my work today, and the people who need to stop are the ones spreading dishonest attacks / misinformation. I replied with facts, and it's a fact that the post was incredibly misleading spin.
> From a human standpoint, maybe try and be your best self?
This is my best self, standing up for myself against people inflicting harm on me. Maybe you should stop supporting unethical and dishonest behavior including attacking a project and dismissing the niche for it without even understanding the basics of it, while falsely pretending to be an expert on the topic. It's not me that needs to start being a better person. It's you that's supporting this. It's not my community endorsing dishonesty. This doesn't happen in the communities that I manage. I stop people from attacking other projects with misinformation and false claims, even if I don't like those projects. I correct it, and if they don't stop, they simply get banned. I expect that people stick to the facts and don't misrepresent them. Dishonesty is the most prominent issue in the privacy / security world. There are endless projects / products making dishonest claims about themselves and their competitors, and users are not in a position to evaluate those claims. Those users rely on experts being honest and people not pretending to be experts on something they don't know about.
> Or (if you prefer) from a practical standpoint, maybe berating one of the devs that would be reviewing your allocator patches isn't the best path forward to achieving your goals?
I have no intention of submitting patches to any Mozilla projects. Even if I did contribute to jemalloc again in the future, that's not a Mozilla project. I don't have any issues with the jemalloc developers or project. Also, to be clear, jemalloc is not in any way a hardened allocator and the kind of security work that I do is not in scope for it. The patches that I submitted to jemalloc in the past were performance improvements and had nothing to do with my work on security or GrapheneOS. The hardened_malloc project is not a fork of an existing malloc implementation, and certainly not jemalloc. I would recommend reading https://github.com/GrapheneOS/hardened_malloc/blob/master/README.md rather than continuing what Tom started by making bad assumptions. My goals have nothing to do with submitting any patches to Mozilla projects or jemalloc. I have a pile of bugs including security issues that I've found in Mozilla products that I cannot report to them because of how I've been treated. Improving their software is their problem, not mine. They drove me away a long time ago.
I would suggest that if people don't want to be called out for spreading misinformation and making dishonest / misleading claims, they should simply avoid doing it. You won't find me trashing and dismissing jemalloc anywhere. It's a solid project making sensible design compromises based on the goals. It's heavily oriented towards throughput, low fragmentation and efficiency. It's not a hardened allocator, and is in fact extremely friendly to exploitation even compared to a traditional baseline like dlmalloc. It isn't meant to be a hardened allocator, and that's not some design flaw, but rather the consequence of all the design choices and compromises involved in it. An allocator cannot be all things to all people. There is no best allocator for all use cases / needs and there won't be one. They have substantial design compromises / trade-offs. This applies to lots of software and many things beyond software. I have no problem with someone stating that hardened_malloc isn't for them or their project and optionally explaining why. My issue is with someone attacking it with misleading / false claims and portraying it as negligibly useful or something that can be obsoleted with some tweaks / features bolted onto jemalloc.
The equivalent would be someone that's seen / portrayed as an expert completely downplaying the work of Tor developers, dismissing the usefulness of the project and portraying matching what it provides as simply a matter of making some tweaks to OpenVPN. That's much less personal, because it's an attack on a collaborative project by a bunch of people, not the work of a specific individual. It would also be much more easily seen as bogus compared to someone doing the same thing with memory allocators. It's very harmful to have someone making those false claims about my work. This is my full-time job. It's how I earn an income. There is no company funding my work on this but rather I depend entirely on donations. I depend on people understanding the value of the work and someone attacking it with false claims is a direct attack on the sustainability of the project and my job. It's an extremely personal attack. I'm perfectly fine with people criticizing it but they need to be honest and stick to facts. If they have no clue what they're talking about and haven't even read the documentation, they shouldn't be talking about it as if they're an expert, especially if what they're doing is attacking / dismissing it. I put a lot of work into writing that kind of documentation for the projects too. The reality is that I have to deal with people attacking these projects with misinformation on quite literally a daily basis and I don't tolerate it.