Edmund Storms wrote:

> This helps explain the situation, Stephen. However, suppose I make
> some neat changes in an open source program and add a few backdoors.

As Stephen A. Lawrence explained, the "kernel" (core program code) is
protected and comes from an authorized source. In the case of Linux,
it comes from an organization headed by Linus Torvalds. You can add
extensions and features for it, just as you can write programs for
Windows, but you can't mess with the kernel. People writing
extensions, features and programs sometimes find ways to subvert
programs. The same thing can happen with Windows (closed source), or
with the Firefox browser, which is open source. Open source may make
it a bit easier for a skilled hacker to invade the program, since the
paths into it are available in source code.

A volunteer programmer might also ingratiate himself with the project
and then sneak in a trapdoor. People check out, modify and then check
in code here:
https://developer.mozilla.org/En/Developer_Guide/Source_Code/Mercurial

The thing is, before new code is implemented, other people review it,
and a back-door would stand out like a sore thumb, in source code.
You can't see it in a compiled program. Obviously, if someone "checks
out" a section of code, adds a bunch of mischievous stuff, and then
checks it back in, they will throw that person out of the project.
They also throw out incompetent people who mean no harm.

It works a bit like Wikipedia except they respect expertise.

I expect that Google will be open but not available for anyone to
check out, modify, and check in. It will be "open" in the sense that
you can read it, not open to modification.

This is somewhat analogous to an "open" experiment meaning you tell
everyone every detail and post all your data on the Internet (which I
wish someone would do), versus a "way-too-open" experiment in which
anyone can walk into the lab off the street and start messing with
the electrolyte or diddling with the dials (which would be insane).

- Jed