Reply
Thread Tools
Posts: 915 | Thanked: 3,209 times | Joined on Jan 2011 @ Germany
#51
Originally Posted by pichlo View Post
I am sorry, sulu, if I misunderstood or, worse, offended you.
Well, I admit I was quite irritated, especially because I didn't expect such a broadside from you, who I consider a reasonable discussion partner.
But, no, I didn't feel offended.

Originally Posted by pichlo View Post
  1. You: "How can you be sure that [something or other] does what it says when no one outside Microsoft can see the code?"
  2. Me: "How can you be sure that of any code, including FOSS? I know that someone can inspect FOSS code in theory, but are you sure that someone really does? Always?"
  3. You and a handful of others: "The code is open, someone can."
  4. Me: "Yes, I know that, but that was not my question. Are you sure that someone always does?"
  5. You and a handful of others: goto 3
You can only go around the loop so many times before it gets tedious
Sure, I see your point. But then I guess, I didn't make 3 clear enough.
Of course I'm not sure that someone really checks all FLOSS code. Always.
In fact, I believe that most code is actually never checked. A good (though harmless) demonstration of such an example was [1].

But I still believe, that even the theoretical chance of checking code is a big advantage of FLOSS over CSS, because if you actually do care for checking it, you can do that (or tell someone you trust to do it). You don't even get this (admittedly largely theoretical) chance with CSS in the first place.

Now, you say you don't trust FLOSS anymore than you trust CSS, because you've checked none of them and you see no realistic way to change that.
If you put it that way, I'm totally with you, but I believe your assumption that you have no realistic way to change the situation is at least overly pessimistic.

You remember that geek from Windischeschenbach you talked about and how you don't trust him because you don't know him?
What if I tell you, this guy is me? Would you trust me? Have you trusted me, when using my ED images (I could have put any amount of nasty stuff in them)?
I mean, you don't actually know me either. We've never met. To you I'm just some random guy on the internet. But we're part of the same community, members who both have some sort of long-lasting good reputation in this community. If I do something nasty and you expose this, because you actually checked my work, then my good reputation goes right out of the window.

You know what? Let's make this more realistic, because of course I'm not that guy from Windischeschenbach, and quite frankly I'm just a small fry when it comes to contributions to this community.
Let's talk about real heavyweights like pali or freemangordon. Over the years they've invested a lot into this community and I'm sure pretty much every N900 owner uses their code. So if someone would discover, one of them knowingly introduced backdoors or things like that, they'd lose the trust of this whole community and it might even reach into their real lifes, in case they used their contributions here as a reference there.

I believe the biggest difference between FLOSS and CSS is not so much the openness of the code, but the fact that FLOSS is about communities while CSS is about vendors and customers.
In communities the currency is trust, in vendor/customer relationships it's money. So if I want trustworthy software, I'll preferably get it from somewhere, where trust is of essential value.

Originally Posted by pichlo View Post
At the end of the day, it is a matter of trust. You implicitly distrust Microsoft and trust FOSS. I say any implicit trust in anything is unjustified and leads to a false sense of security. Did you, personally, check all the code you use? I very much doubt it, regardless of how open it is. Ergo, you cannot trust it any more than any closed source. End of story. That is how I see it and how I approach any code, FOSS or not. Suspicious until proven trustworthy. YMMV.
Well, you might be right, but I hope you're not. Because if you are, then I see no reason why to stop applying this model to software only.
You could also say, that you can't trust people until they prove otherwise. The problem with this kind of proof is, it can never actually be brought. Different people act differently in different situations. So even if person 1 proves his trustworthyness in situation A, while person 2 turns out to be untrustworthy, their roles might be switched in situation B.

Originally Posted by pichlo View Post
One might even go a step further and say that, in a way, it is better to use something you know you cannot fully trust, thus being constantly reminded to be vigilant, than to use something you believe you can trust and drop your guard completely.
Now review this statement of yours in the light of what I just said about people.
If you constantly stay vigilant and never drop your guard completely, you'll never actually get close to someone else, because you're always going to hold something back. No (true) friends, no lovers (beyond the "physical aspect"), nothing of that which I consider to be the true essence of life.
Trust always includes a leap of faith. If you don't perform that leap, you'll always be limited to your own self.


[1] https://bugs.debian.org/cgi-bin/bugr...cgi?bug=819703
 

The Following 7 Users Say Thank You to sulu For This Useful Post:
Posts: 915 | Thanked: 3,209 times | Joined on Jan 2011 @ Germany
#52
Originally Posted by nthn View Post
Regarding the 'benefits of open source' discussion, I'll just point to this short article by rms. You (sulu and others) bring practical arguments into a discussion which is purely about ethics. pichlo is right here, In that there is nothing inherently more trustworthy in 'open source' than in 'closed source' software. You place your trust in people, not in code.
You're both right and wrong.
I largely agree with this statement of RMS you linked and I also agree with pichlo about FLOSS not being inherently more trustworthy than CSS.
However, BECAUSE trust is about people and software is about technology, you need some sort of translation matrix to bring them both together.
FLOSS is that translation matrix, more precisely it's two of them:
Free Software and Open Source. Both trying to reach the same goal from different starting points and for different reasons.
 

The Following 4 Users Say Thank You to sulu For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#53
Originally Posted by sulu View Post
...I didn't expect such a broadside from you, who I consider a reasonable discussion partner.
Thank you, much appreciated. Really.

Also, hence my apology. It was not meant to be a broadside. I could sense that I was not getting my point across and was just trying harder. Perhaps too hard.

Regarding your other points, you are absolutely right. Strictly speaking, you cannot really trust anyone, even your closest friends. There have been countless examples throughout history proving that ("Et tu, Brute?"). But you cannot go through your life constantly looking over your shoulder, as I also mentioned in post #13. The answer is, IMO, striking the right balance. It is your own decision what the balance is.
__________________
Русский военный корабль, иди нахуй!
 

The Following 5 Users Say Thank You to pichlo For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#54
Originally Posted by HtheB View Post
Windows Subsystem for Linux (WSL) and a lot of other Linux features:

It has a full blown Linux 3.4 kernel in the core of the Windows operating system, including full support for VFS, BSD Sockets, ptrace, Bash shell, and a bonafide ELF loader.
A nitpick; WSL does not have a linux kernel, it's an API translation layer very much like WINE but the other way around; the linux library calls are translated to equivalent windoze library calls.

It is a neat thing however, and might be of use to people who for some reason are locked to windows environment and can't or dont want to use a VM.
 

The Following 6 Users Say Thank You to juiceme For This Useful Post:
Posts: 339 | Thanked: 1,623 times | Joined on Oct 2013 @ France
#55
Originally Posted by juiceme View Post
A nitpick; WSL does not have a linux kernel, it's an API translation layer very much like WINE but the other way around; the linux library calls are translated to equivalent windoze library calls.

It is a neat thing however, and might be of use to people who for some reason are locked to windows environment and can't or don't want to use a VM.
Yes, it mainly has the "GNU" part of the "GNU/linux" system.
It works very well for command line. The local disks are mounted over /mnt/ so can be accessed. I grep a lot of things that way.
Graphical apps can be launched from the linux subsystem if they support X11, and you start Xming (an X11 server for windows) on the Windows side. Not tested fully, but the little I tested worked ok (feels a little bit slower than a native display however).

For me, it replaced cygwin I was using before for that kind of things.

There are still some limitations, like access to serial ports (should be in a future update if not yet added, I have to check that again, didn't worked last time) and some other hardware (not sure USB devices can be accessed directly for example?).
 

The Following 6 Users Say Thank You to Zeta For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 21:34.