[conspire] A bit more on that "worm"

Don Marti dmarti at zgp.org
Wed Nov 16 10:11:05 PST 2005


begin Tony Godshall quotation of Mon, Nov 14, 2005 at 02:26:45PM -0800:

> And of course the source code is inspectable, so chances of
> people sneaking in malware are negligible and quickly
> corrected.

Let's not all get too hippy-dippy about access to
source code all at once.

If you don't do a code review yourself, and you don't
put a trusted intermediary in the path that the code
takes to your machine (Debian package maintainer
between you and userspace developers, or Greg K-H
between you and Linus Torvalds), then you're no better
off than if you didn't have source access at all.

Where "Open Source" can -- but doesn't necessarily --
work better than "Shared Source", "Gated Source" or
"Viewable Source" is in enabling those intermediaries
to help you.  But until you are using an intermediary
(editor?  gatekeeper?) "Joe's Random SourceForge
Project" doesn't have anything going for it that
"Joe's Random Proprietary Software Startup" doesn't.

-- 
Don Marti
http://zgp.org/~dmarti/
dmarti at zgp.org



