From: Alan Browne <alan.browne@FreelunchVideotron.ca>
Subject: Re: OpenSSL development (Heartbleed)
Date: Sat, 19 Apr 2014 15:12:42 -0400
Date: 2014-04-19T15:12:42-04:00 [thread overview]
Message-ID: <3ZSdnd4A49AxV8_OnZ2dnUVZ_qSdnZ2d@giganews.com> (raw)
In-Reply-To: <5352a76f$0$6720$9b4e6d93@newsspool3.arcor-online.net>
On 2014.04.19, 12:42 , Georg Bauhaus wrote:
> On 19/04/14 18:06, Alan Browne wrote:
>> On 2014.04.19, 11:36 , Georg Bauhaus wrote:
>>
>>> In between, reports of booing, bemoaning, and demanding; journalist
>>> tries to establish a scape goat (OpenSSL users don't fund!).
>>> No proof, no clear indication of causation, but alluding in style.
>>> By saying that OpenSSL is not a well funded project, she obviously
>>> tries to imply that this is (a) true in effect, and (b) that funding
>>> prevents bugs. (a): most of OpenSSL does exist only after work
>>> of payed employees. (b): See bugs discovered at the same time in well
>>> funded MS Word and MS Outlook projects, of similar reach.
>>
>> And how does that make you feel?
>
> Depends. Sometimes I feel that industry should rid itself of
> its dependence on so few suppliers of an ever increasing number
> of "industry standards", open source or not, and on
> PR style people. Some things are just too important for healthy
> living, both at work and at home. So important that these things
> should be exempt from being nothing but a business opportunity.
I think so too.
IMO interchange on intra/internets should be formal standards based.
Those standards should be done in the same manner as aerospace and
defense s/w. It's okay if a pool of companies create the company that
does so - but the sole source of release should be that company.
>> Please see this as well:
>>
>> http://bits.blogs.nytimes.com/2014/04/18/openssl-and-linux-a-tale-of-two-open-source-projects/?action=click&contentCollection=Technology&module=RelatedCoverage®ion=Marginalia&pgtype=article
>>
>
> Same thing...
No. Where OpenSSL is underfunded and has a population of maybe 4
programmers dedicated to it (the guy who created the bug not being one
of the 4) released an important security breach upon the masses;
Contrast with OpenSourced Linux which has a well (corporate) funded
organization and has a lot more eyeballs on the code and hasn't (Linux
itself) suffered any major or embarrassing problems.
That was the point of the article.
--
"Big data can reduce anything to a single number,
but you shouldn’t be fooled by the appearance of exactitude."
-Gary Marcus and Ernest Davis, NYT, 2014.04.07
next prev parent reply other threads:[~2014-04-19 19:12 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-19 14:31 OpenSSL development (Heartbleed) Alan Browne
2014-04-19 15:06 ` Nasser M. Abbasi
2014-04-19 15:41 ` Alan Browne
2014-04-19 15:36 ` Georg Bauhaus
2014-04-19 16:00 ` Yannick Duchêne (Hibou57)
2014-04-19 16:34 ` Georg Bauhaus
2014-04-19 17:06 ` Yannick Duchêne (Hibou57)
2014-04-19 19:13 ` Georg Bauhaus
2014-04-19 20:39 ` Yannick Duchêne (Hibou57)
2014-04-19 19:42 ` Alan Browne
2014-04-21 23:51 ` Randy Brukardt
2014-04-22 15:20 ` G.B.
2014-04-22 16:33 ` Dmitry A. Kazakov
2014-04-22 16:57 ` Simon Clubley
2014-04-22 19:53 ` Dmitry A. Kazakov
2014-04-22 20:49 ` Yannick Duchêne (Hibou57)
2014-04-23 5:38 ` Natasha Kerensikova
2014-04-23 7:30 ` Dmitry A. Kazakov
2014-04-23 7:40 ` Natasha Kerensikova
2014-04-23 8:04 ` Dmitry A. Kazakov
2014-04-23 8:20 ` Georg Bauhaus
2014-04-23 7:42 ` Egil H H
2014-04-23 8:06 ` Georg Bauhaus
2014-04-19 16:06 ` Alan Browne
2014-04-19 16:42 ` Georg Bauhaus
2014-04-19 16:59 ` Georg Bauhaus
2014-04-19 19:12 ` Alan Browne [this message]
2014-04-19 20:20 ` Georg Bauhaus
2014-04-19 20:53 ` Alan Browne
2014-04-19 21:10 ` [OT] OpenBSD, was: " Simon Clubley
2014-04-19 21:53 ` Alan Browne
2014-04-19 22:15 ` Nasser M. Abbasi
2014-04-19 22:34 ` Alan Browne
2014-04-20 8:17 ` Georg Bauhaus
2014-04-20 16:49 ` Alan Browne
2014-04-22 12:18 ` G.B.
2014-04-19 15:47 ` Yannick Duchêne (Hibou57)
2014-04-19 16:21 ` Alan Browne
2014-04-19 16:46 ` Georg Bauhaus
2014-04-19 19:22 ` Alan Browne
2014-04-19 20:33 ` Georg Bauhaus
2014-04-19 21:10 ` Alan Browne
2014-04-19 16:50 ` Yannick Duchêne (Hibou57)
2014-04-19 19:25 ` Alan Browne
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox