Re: [tools-dev] Re: [go-oo.org Dev] patch framework up-streaming ...
Hi Michael, Michael Meeks wrote: > On Mon, 2008-06-30 at 10:55 +0200, Mathias Bauer wrote: >> >I would really like to kill the meme that quality can only be achieved >> > by making fewer code changes, and by making developers' lives >> > unreasonably difficult ;-) >> >> http://www.ellak.gr/pub/synedrio/2008/presentations/day1-main/1-venema-oss-security.pdf >> >> :-) > > As in Strategy 1: "Eliminate Programmers": "Make programming a million > times harder" ;-) > > Sounds like a great strategy ;-) Particularly since we're starting from > such an example of perfection in OpenOffice (security-wise) - even > changing a single line anywhere risks catastrophically injecting the > very first security hole ;-) > > But then - is secure code an explicit goal of OpenOffice ? does it even > appear on the radar ? is it even the most useful metric of quality ? > > "Remember, buggy software **works**, even when >it is riddled with security holes" > > If only that was true ;-) > > Regards, > > Michael. > don't take my reply too serious. I only found it amusing that the "meme" you quoted matched so nicely what I heard at that conference - of course with a humorous twinkle of the presenter. You should know me well enough to know that this is not *my* take on that matter. I also want to make it easier. Here's another quote that comes nearer to my perception: "Make everything as simple as possible, but not simpler." I think it was Albert Einstein who said that. Ciao, Mathias -- Mathias Bauer (mba) - Project Lead OpenOffice.org Writer OpenOffice.org Engineering at Sun: http://blogs.sun.com/GullFOSS Please don't reply to "[EMAIL PROTECTED]". I use it for the OOo lists and only rarely read other mails sent to it. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [tools-dev] Re: [go-oo.org Dev] patch framework up-streaming ...
On Mon, 2008-06-30 at 10:55 +0200, Mathias Bauer wrote: > > I would really like to kill the meme that quality can only be achieved > > by making fewer code changes, and by making developers' lives > > unreasonably difficult ;-) > > http://www.ellak.gr/pub/synedrio/2008/presentations/day1-main/1-venema-oss-security.pdf > > :-) As in Strategy 1: "Eliminate Programmers": "Make programming a million times harder" ;-) Sounds like a great strategy ;-) Particularly since we're starting from such an example of perfection in OpenOffice (security-wise) - even changing a single line anywhere risks catastrophically injecting the very first security hole ;-) But then - is secure code an explicit goal of OpenOffice ? does it even appear on the radar ? is it even the most useful metric of quality ? "Remember, buggy software **works**, even when it is riddled with security holes" If only that was true ;-) Regards, Michael. -- [EMAIL PROTECTED] <><, Pseudo Engineer, itinerant idiot - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [tools-dev] Re: [go-oo.org Dev] patch framework up-streaming ...
Michael Meeks wrote: > I would really like to kill the meme that quality can only be achieved > by making fewer code changes, and by making developers' lives > unreasonably difficult ;-) http://www.ellak.gr/pub/synedrio/2008/presentations/day1-main/1-venema-oss-security.pdf :-) Ciao, Mathias -- Mathias Bauer (mba) - Project Lead OpenOffice.org Writer OpenOffice.org Engineering at Sun: http://blogs.sun.com/GullFOSS Please don't reply to "[EMAIL PROTECTED]". I use it for the OOo lists and only rarely read other mails sent to it. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
