On 2/7/07, Jim Davis <[EMAIL PROTECTED]> wrote: > > > -----Original Message----- > > From: Denstizzo [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, February 07, 2007 12:43 PM > > To: CF-Community > > Subject: Re: Why Linux is more secure than Windows > > > > There are people you pay to administer it. Same as anything else. > > We've been over this before, however. Free don't mean Free. > > Expensive don't mean expensive. Well, you know. That whole idea. > > > > Nick, the source code can directly tell you it's secure, that's what > > all source code could do. Only one way takes decompilers, and > > it's illegal to contribute. > > One of my few problems with the Open Source movement (not Open Source > software mind you) is this idea. > > The fact that everybody CAN look at the source isn't, to me, the > issue. The > number of people that actually examine the source of a large project like > Linux or Apache is incredibly tiny. This is for the simple reason that > the > number of people that actually have the ability to understand the source > is > incredibly tiny compared to number that need the functionality provided.
I'm sorry Jim, I love ya man, but I gotta refute your claims. =] Are you proposing that the number of people who know C++, isn't that large? Or perhaps that it's so difficult to pick up a language, that there aren't many people familiar with them? I don't think that's the case, but you seem to imply that it's difficult to look at source and understand what is going on. Which it may be. For some people. I can generally understand, as well as gain insight from reading source. It has helped me many times. That's /part/ of why version control and bug tracking is nice; you get to a bug, sometimes someone else already got to that bug, with another app, and viola, you can see the DIFF of what was done in the revision that fixed the problem. I don't refute your, to steal someones analogy, "Flying in the airplane" mentality. Not many of the people who fly in them, could fly them. I also don't refute that, just because it's out there, people are looking at it. It's possible no one has! But that IS sorta the whole point. I think high security places actually have to audit code, and whatnot. Are you telling me it's just as easy to audit closed source as open? ARE YOU!!! ANSWER ME!!! :-) Sorry for the tone, esse! For the vast majority of users there is essentially no difference between > open and closed source in this respect: when something goes wrong they > look > to the vendor to fix it. Well, there is one HUGE difference. With open source, the "vendor" can be anyone with the know-how. Closed, by definition, is less open. :) I wouldn't be at all surprised, in fact, if the number of people seriously > working on, say, the Apache codebase was about equivalent to the number of > people working on the IIS codebase. I would. =] It's easy enough to look up. For Apache, at least. ;] Basically all I'm saying is that the ability to look at the source is > important to very few people. I hear you on the whole "relative" part, but I still gotta say, "very few" can == millions. Still tho, I know most people just want to ride, vs. fly. And who really teaches themselves? ;-) The basic requirements are the same for both open and closed source in any > segment. Things like security, usability, productivity, performance, etc. Sure. But in one case, only a "select" few can do anything. In the other, at least the selection is up to the individual (and is potentially limitless!). Now you can make an argument that open source, for example, improves > security because there are some very smart people looking at it. That's > fine, arguable (apparently infinitely arguable), but fine. That's not my argument at all. Although a debate rages (apparently), you won't see me arguing smarts as open source's claim to fame. No, it's the transparency. Same think I want in government. I am from a day that is apparently fading into/from memory. Where MS would intentionally "hide" stuff in the source that messed up their competitors. Where Apple was a nazi about software AND hardware. A age that is coming to an end. ( *I* knew it would, as it's "logical". At least in a Free country. =] ) But the idea that a problem in open source software is less problematic than > in closed source because "you can just fix it yourself" always strikes me > as > completely silly. Well, I can see how it would, seeing as how you don't do it. But believe me, it IS POSSIBLE! Really, and truly. If you had the want, you could, and that is all it would take. Not millions of dollars, lawyers, etc.. Just you! What I like more, is the ability to extend. It's awesome to add on to stuff. Software is software, there are problems, that's just part of the game. But at least if I did some cool think^hg, *I* could profit off of it, vs. some big company that "owns" it all, and thus takes a cut (if they even let you do your thing). Where this argument DOES work well is in programming: where the open source > component extends an environment that the end user is expected to be > somewhat familiar with. I'm all for "open sourcing", say, CFML or > JavaScript or Python - there's a legitimate possibility that the person > using the code WILL modify it. See, I think this contradicts what you say on top. It's sorta like "for me, I don't use it, so it's not important, but the stuff I *do* use, well, that's important". I'd say the same argument you apply to CFML applies to, say, C++. But perhaps I have this whole programing/whatnot wrong? Have you actually done any searches for stuff with Apache? There are TONS of people extending things, wanking on odd stuff, etc.. Modifying it, extending it. Is it because they're super smart? Or because they can? Are you honestly telling me that you don't think there would be "pilots" to justify selling planes to the public? Ah... *sniff* looks like things are going that way, anyways. For a bit, at least, you can still build and fly your own airplane. I think that that's awesome. Someday I'd like to build one. Because I'm not right now, doesn't take that neatness away. But as the gulf grows wider (as in the difference between using a web > browser and building one) the "open source" aspect of open source becomes > less and less meaningful to more and more users. Well, I get the gist of your argument. I think you're logic is biased at a low level though. What, pray tell, is bad about open source? If we're all passengers anyway, what does it matter, at that level? I mean, we've already covered the fact that OS suffers from the same stuff closed source does, but what do you base your argument on besides "that part isn't important to me, and will probably not be important to others"? Given the fact that it's important to at least one person you know, ya know. =] Open Source Rocks! Plain and simple. Heh. Remember that old argument about how closed source was easier to direct, had more controlled patterns, whatnot? That was while open source success was pretty small*. I don't think you'd see Apple (and MS give lip service about) getting on the OS train if it wasn't superior to the "old way". *yet still a whopping segment, numbers wise. Re: Apache, neh? ;-) Well, I'm biased toward open source. I might think it's logic, but well, that's a slippery slope. Bias vs. Logic, heh[1]. ;-) [1] Quantum stuff says something about an observer, and objectivity. Sorry if I come off all foamy at the mouth, Jim. Just me railing against a mind set, not you. You're actually an ok person, believe it or not. :))) And, Yes, you can stick that on yer website. The "Denseal", it's called. If you do, hit me up, and you can join in the link exchange! if you want. =] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:227319 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
