On 20/02/13 at 10:49am, micah anderson wrote: > > Developers never made a mistake leading to a security problem, so > Debian's one mistake in 2006 should be forever trotted out as an example > of how Debian sucks, good point. > > Sorry, but this distinction between Developers doesn't make sense, many > Debian *Developers* are developers themselves, often upstream to the > packages that they are shipping.
They are developers, but not for the project they are maintaing in debian (or not all). My point is that, if there exist a program A, its developers know a lot more than the corrisponding debian packager, and they are the only that could patch at "least bad". And this principle is showed perfectly for the PRNG example which I cited. And that lead to follow distro with a "rolling" release cycle, and go away from "stable", "testing", "unstable", "embryo", "only_uml_diagrams_and_not_a_single_line_of_code" etc etc etc release cycle, which introduces complexity (which lead to bugs). Anyway, we are free to choose what fit our requirements. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech