I agree with much of what he says about the potential for infiltration of bad stuff into Linux, but he's comparing apples and oranges. He's comparing a large, complex open source product to a small, simple closed source product. I claim that if you ignore the open/closed part, the difference in trustworthiness comes from the difference between small and large. That is, if security is my concern, I'd choose a small open source product over a large closed source, or a small closed source over a large open source... in either case, there's some hope that there aren't bad things in there.
Comparing Linux to his proprietary system is just setting up a strawman..... of course the fact that he's selling something that conveniently replaces the strawman he knocks down is simply a coincidence.... --Jeremy > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Behalf Of [EMAIL PROTECTED] > Sent: Thursday, April 29, 2004 2:32 PM > To: Kenneth R. van Wyk > Cc: [EMAIL PROTECTED] > Subject: [SC-L] Re: White paper: "Many Eyes" - No Assurance > Against Many > Spies > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Kenneth R. van Wyk wrote: > > >FYI, there's a white paper out by Dan O'Dowd of Green Hills > Software (see > >http://www.ghs.com/linux/manyeyes.html) that "It is trivial > to infiltrate the > >loose association of Linux organizations which have > developers all over the > >world, especially when these organizations don't even try to prevent > >infiltration, they accept code from anyone." > > And he's selling us the solution, how convenient. :\ Hmm. > > Leaving aside the couple of obvious problems with this essay's > arguments, I'll note that some of the author's points are valid. It > puzzles me that many otherwise security-conscious people have > no qualms > downloading and installing whatever they fancy with little thought to > the source or the author's motives. It is indeed a pretty > loose network > which supports much of what we know as GNU/Linux. That is > less true of > FreeBSD and even less of OpenBSD. > > - -d > > - -- > David Talkington > [EMAIL PROTECTED] > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.4 (GNU/Linux) > > iD8DBQFAkUoT5FKhdwBLj4sRAluEAJ4oaUqtTrKPsOpaTiRJ9vycDhlwMACgo6D3 > M/i6mUw7n6wm2c64aBIaPwk= > =NAeE > -----END PGP SIGNATURE----- > >
