On Thu, Jul 3, 2014 at 10:33 AM, Marcus G. Daniels <mar...@snoutfarm.com>
wrote:

> On Thu, 2014-07-03 at 09:51 -0600, Barry MacKichan wrote:
> > The HeartBleed bug is an example of a serious, unintentional, problem in
> > an open source package. In that case, even though the software was
> > available to millions of eyeballs, not that many actually looked at it.
> > I suspect only the mainstream big programs (such as Apache) are closely
> > examined. Since I usually find the programs I want through word of mouth
> > from people I trust, I don't worry much about it and have not yet
> > regretted it. Also, I use a Mac.
>
My understanding was that OpenSSL is a large utility with quite a lot of
code and complexity, more than needed for the root functionality. It does
not help to have a lot of eyeballs if almost all get bored and confused and
soon give up! Apparently there is an alternative effort underway called
LibreSSL, we shall see how it is received. But it is an interesting
provocation to consider the multifaceted ways something can be (or fail to
be) 'open', or to an even more convoluted degree, 'free'.
-Arlo James Barnes
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Reply via email to