A couple key phrases come to mind when reading this:

1) conflict of interest (he's selling "a solution")
2) inappropriate comparison (embedded OS vs. general OS)

I have no problems with someone pointing out flaws in XYZ product when compared to ABC 
product, provided:

a) they're an independent, uninvolved 3rd party
b) the two products are identical in feature, function, and purpose.

So there are "a couple trusted people" who do the core work.  I wonder what their 
price is to put a flaw in the product?  If they're smart enough to know the entire 
system, they're undoubtedly smart enough to hide a subtle flaw.  Money?  Compromising 
photos?  Threats against themselves or families?  What would it take?

Frankly, I found the entire article nothing but a not-so-thinly veiled advertisement.  
Would he be so bold in comparing against VxWorks or QNX?  Those are his direct 
competitors, not the general Linux kernel.  If he wants to go head to head against 
Linux, he needs to specifically cite and compare against the embedded Linux 
distributions, be it uClinux or other.

Kind Regards,

> -----Original Message-----
> Behalf Of Kenneth R. van Wyk
> Sent: Thursday, April 29, 2004 8:25 AM
> Subject: [SC-L] White paper: "Many Eyes" - No Assurance Against Many
> Spies
> FYI, there's a white paper out by Dan O'Dowd of Green Hills Software (see 
> http://www.ghs.com/linux/manyeyes.html) that "It is trivial to 
> infiltrate the 
> loose association of Linux organizations which have developers 
> all over the 
> world, especially when these organizations don't even try to prevent 
> infiltration, they accept code from anyone."
> Although I don't agree with the positions expressed in the paper, 
> I still find it
> interesting to hear what folks have to say.  A story re the paper 
> has been 
> picked up by Computerworld and LinuxSecurity.com thus far.
> Cheers,
> Ken van Wyk
> http://www.KRvW.com

Reply via email to