> On Fri, Dec 17, 2010 at 7:59 AM, Theo de Raadt <firstname.lastname@example.org> wr=If that is the case -- that people would dismiss it automatically -- then the community is really stupid. You are almost arguing that that is the way it should be. Allegation of not, code should always be checked, and re-checked, and re-checked. What I am seeing is that we have a ridiculously upside-down trust model -- "Trust the developers". We never asked for people to trust us. We might have "earned some" in some people's eyes, but if so it has always been false, even before this. People should trust what they test, but the world has become incredibly lazy. We build this stuff by trusting each other as friends, and that is done on an international level. If anything, the layers and volume of trust involved in software development should decrease trust. Oh right, let's hear some of that "many eyes" crap again. My favorite part of the "many eyes" argument is how few bugs were found by the two eyes of Eric (the originator of the statement). All the many eyes are apparently attached to a lot of hands that type lots of words about many eyes, and never actually audit code. If anything, the collaborative model we use should _decrease_ trust, except, well, unless you compare it to the other model -- corporate software -- where they don't even start from any position of trust. There you are trusting the money, here you are trusting people I've never met. OK, so I post it, and then noone asks him for proof, now it suddenly has more strength? I am so bloody dissapointed in the community that uses our stuff. How dismal. What a dismal world view.
|Greg KH||Og dreams of kernels|
|Jens Axboe||[PATCH 31/33] Fusion: sg chaining support|
|Arnd Bergmann||Re: finding your own dead "CONFIG_" variables|
|Mark Brown||[PATCH 2/2] Subject: natsemi: Allow users to disable workaround for DspCfg reset|
|Tony Breeds||[LGUEST] Look in object dir for .config|
|Brian Downing||Re: Git in a Nutshell guide|
|John Benes||Re: master has some toys|