Re: Don't discredit OVC with falsehoods!

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Fri May 07 2004 - 12:24:33 CDT

On May 7, 2004, at 1:12 PM, charlie strauss wrote:
> I wrote to Bev Harris this morning to compliment her on the points
> about the certification process flaws she was making and pointing out
> the technical overstatements on the compiler attack.
> The point she was making was of course a good one.

Indeed. The general point was right. I guess I'm sensitive to the
overstatement about Thompson's trojan because it has recently been
promulgated in anti-Linux FUD.

While their point doesn't make sense, the FUDsters try to make a point
that Linux is insecure, presumably because it -had- and -still has-
trojans like Thompson described (at least by insinuation)... while,
mysteriously, proprietary OSs would be free of this attack.

> It's true the intrusion was on a code branch but that branch could
> easily have been check in to the main code

I guess I have more confidence in the social process of Linux
development. I don't think the branch with the error would have made
it in, in any case. Y'know, not a lot of people have final kernel
check in privilege. My understanding is that it's limited to two or
three people: Linus Tovalds and one or two people he trusts (it used to
be Alan Cox, but I don't think he has that role now).

Yours, David...

Keeping medicines from the bloodstreams of the sick; food
from the bellies of the hungry; books from the hands of the
uneducated; technology from the underdeveloped; and putting
advocates of freedom in prisons.  Intellectual property is to the
21st century what the slave trade was to the 16th.
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Mon May 31 23:17:22 2004

This archive was generated by hypermail 2.1.8 : Mon May 31 2004 - 23:18:16 CDT