Linked by Thom Holwerda on Wed 21st Mar 2007 16:44 UTC, submitted by diegocg
Linux LWN writes about an InformationWeek interview with Linus Torvalds: "Finally, the real basic issue is that I think the Free Software Foundation simply doesn't have goals that I can personally sign up to. For example, the FSF considers proprietary software to be something evil and immoral. Me, I just don't care about proprietary software. It's not 'evil' or 'immoral', it just doesn't matter. I think that Open Source can do better, and I'm willing to put my money where my mouth is by working on Open Source, but it's not a crusade - it's just a superior way of working together and generating code."
RE[3]: NOT EVIL?
by SEJeff on Wed 21st Mar 2007 19:31 UTC in reply to "RE[2]: NOT EVIL?"

To someone that has an interest in the software, whether it is OSS or not doesn't much matter. You are right in that it is easier to find bugs when you can look at the code directly. This also often means the bugs get fixed faster (but not always).

Linus's Law is generally very true.
http://en.wikipedia.org/wiki/Linus%27s_law

Look at how quickly bugs are found in OSS. A good example would be where someone hacked the wordpress.org server and manually added a backdoor. Through code review, the obvious backdoor was quickly found and a new release issued:
http://wordpress.org/development/2007/03/upgrade-212/

So (in general) OSS is a double-edged sword in that bugs are found and fixed much faster than closed counterparts. Take a look at this; the numbers are quite impressive: http://scan.coverity.com/rungAll.html

Also, anyone who has used IDA Pro for a few months and knows C + ASM can find bugs in Windows software fairly easily. It doesn't take much experience. Something as simple as a fuzzer works just as well for finding exploitable bugs in closed or open source software.

LMH, the entity behind the Month of Kernel Bugs and the Month of Apple Bugs, happens to prefer using fuzzers to find exploitable holes in software.

Score: 3