Thank you for joining in the discussion. I would like to hereby remind fellow list members of the context.
I am sorry that Daniel Stenberg, maintainer of cURL chooses the term "open source" in the following. But we should understand what he is talking about. Call it the "free software pyramid" if you so desire. LogJ4 Security Inquiry - Response Required https://daniel.haxx.se/blog/2022/01/24/logj4-security-inquiry-response-required/ I think maybe this serves as a good example of the open source pyramid and users in the upper layers not at all thinking of how the lower layers are maintained. Building a house without a care about the ground the house stands on. Enforcing the pyramid of Open Source https://daniel.haxx.se/blog/2022/01/17/enforcing-the-pyramid-of-open-source/ --- According to Daniel Stenberg, there exists a pyramid in which the companies at the top make much money by selling products and services which make use of free software components. Those on the bottom of the pyramid commonly get little or no money for the work of producing and maintaining the fundamental building blocks. Because they form the foundation of sophisticated software and services, problems at this level may have widespread, devastating effects. The general public, corporate directors, educators and elected officials do not understand that this is going on. Stenberg provides email from a big company which he believes attests to this lack of understanding. Recently there is discussion on the book "Just for fun" by Linus Torvalds and David Diamond. I would like to emphasize that this book is intended for a general audience - not computer experts. Ordinary people have but a vague idea of what an operating system is. What does someone like that imagine from the word "OS"? Likely Microsoft Windows and Mac-OS. Those who hear that "a young Finnish student named Linus created Linux, an OS, mostly by himself" will imagine that he made something like MS-Windows, or at least MS-DOS. Any writer who desires to explain correctly what feat Torvalds accomplished should make clear in language appropriate for the layman that his creation, should it be called the "Linux OS", is something remarkably different from MS-Windows. There may be passages in "Just for fun" which indicate that Torvalds was well aware that he was making no more than a kernel and borrowing other vital OS components. But we cannot expect the general reader to make that distinction. Daniel Stenberg warns that we should brace ourselves for more security problems in the future - unless the environment changes. I firmly believe that the widely observed behavior of technology writers and self-proclaimed experts failing or refusing to understand that Linux is a kernel and not an operating system is a glaring symptom which indicates that the environment that requires reform.
