[linux-elitists] Surveillance

Seth David Schoen schoen at loyalty.org
Sat Sep 7 09:18:42 PDT 2013


Raistlin Majere writes:

> And do you think all of those Gentoo users are doing code reviews of all
> of the source code they compile to ensure there are no back doors in the
> code?

No, but I think it's safer at several levels to have a meaningful way to
check that the code that you're running is the same as some
widely-published source code.

I actually think Raymond's Law is being proven wrong, at least for some
interpretations -- we don't seem to have the social structures or
incentives for very much free software source code to be proactively
reviewed by anyone other than its author, at least when the bugs aren't
obvious to end users in their daily use.  However, taking binaries from
someone without a way to know how they made them is an _extra_ level of
risk.

-- 
Seth David Schoen <schoen at loyalty.org>      |  No haiku patents
     http://www.loyalty.org/~schoen/        |  means I've no incentive to
  FD9A6AA28193A9F03D4BF4ADC11B36DC9C7DD150  |        -- Don Marti

