Slashdot Mirror
US Government Studies Open Source Quality
anadgouda writes "US Department of Homeland Security has released a report on open source quality in an effort to study the security of open source. 31 popular open source packages were studied as part of this effort. From the article: 'Coverity's report, Stacking up the LAMP stack: a study of open source quality, was produced as part of a $1.24m, three-year DHS Science and Technology Directorate effort to evaluate and improve the security of open source.'"
So, does anyone have the numbers as to how much of the government uses open source? Is it mostly an applications thing (OpenOffice) right now, or are Linux and the BSDs much in use?
Religion for nerds. Stuff that really matters
This study would be extremely valuable if they had submitted BZilla bugs for each and every defect they encountered. It's hard to tell from the article whether they did or not. One thing that I have learned from running ~arch in Gentoo is that if you don't submit bugs, things aren't going to get fixed.
BBH
I feel very conflicted by this report. On the one hand, I'm happy to see a report that favors open source. On the other hand, in the wake of the Katrina political fallout, it's difficult to say whether this report helps or hurts. The last thing LAMP needs right now is to get caught up in Brown/Chertoff/GWB affair. The only thing worse would be to have the UAE issue a similar report. :-)
If you don't want crime to pay, let the government run it.
Open-source software is a serious threat to this country. These terrorist schemes, or "development projects," as the terrorists refer to them, are designed to rot away the core values of our great nation that we hold so dearly. One in particular, known as "Linux," is especially suspect. It is "developed" by terrorists worldwide, many of which are communists, and many of which do not even support our great commander in chief! It is apalling! How can we trust the security of our nation to these rogue "developers?" Surely they may have hidden devices in their programs, hidden in elaborate matrices of computer programming, that when activated by the terrorists, will disable the software and send them all of our secret data! It can only be expected.
The terrorists are cunning, they are secretive, and they will destroy us if they have their way. This world-wide "open source" terrorist movement must be deconstructed and eliminated. There is no other way to protect our Great Nation! We say to you, as the purveyors of truth and all that is good, avoid this "open source" and its proponents like the plague! They wish to destroy everything we hold dear. You, my good American, are the first line of defense. Report users of "open source" to the authorities. Gather any information on them that you can. You may even consider running their dastardly "software packages" in your own free time, so that you may come to know your enemy - for knowledge is the greatest tool that we have in this fight.
Stand proud, my fellow Americans, and beware this new emerging beast. It will surely be the end of us all if we do not take action now.
Quoted from President George W. Bush's State of the Nation Address, January 2007.
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
One would expect that being about open-source and all, and with a purpose of helping open-source developers improve the quality of their code, they would publish the report on a governement website somewhere. C'mon, where's the link?
the report have a better coverage on this page: http://www.eweek.com/article2/0,1895,1909946,00.as p
/. or not
from this TFA:
"Anti-virus vendor Symantec Corp. is providing guidance as to where security gaps might be in certain open-source projects."
PS:i am not sure if it has been published on
everyone downmodding this post will be prosecuted for reading my post without first buying a license!!!
I've always thought it VERY odd to think about "Open Source" as a thing.
t ware_pricing.html really puts into better perspective.
Basically, it says ALL software can be deconstructed to being about the service (at least so long as the technology curve continues, in practice, to limit its lifespan).
It'd be like saying: We studied the quality of software compiled with the Watcom 10.0 C++ compiler. "Open source" cuts across so many levels of skill and projects. You can pretty find projects that support (or destroy) whatever thesis you'd like to put forward
Even more, somebody pays for the development of the software, one way or another.
This artlice (from ONLamp) http://www.onlamp.com/pub/a/onlamp/2005/07/21/sof
--
graphicallyspeaking
graphically speaking
I'm glad to see that one of the first Digg Trolls chose to reply to my post. Have a good one buddy!
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
Damn you didn't even read the f**kin summary!
"...has effectively given the Linux, Apache, MySQL and Perl/PHP/Python (LAMP) stack a healthy rating. LAMP "showed significantly better software quality" above the report's baseline with an average of .32 defects per 1,000 lines of code, according to Coverity. The average for open source projects analyzed is .42 per 1,000 lines."
What would be interesting to know is how they determined a baseline of .32 defects per 1000 lines of code as their baseline, and how so called commerical products, like Oracle, Windows, MSSQL, etc. fared against the same baseline.
thats really the question isn't it? is Open Source more or less secure than any of the closed systems?
--My signature is six words long.--
The parent is wasting valuable time on Slashdot that should be spent finalizing his Independent Study project for the College of Wooster. He has precious little time left.
...New Zealand's recent analysis of open source, which focuses on legal issues.
is good for the gander?
I wonder what "bugs that can corrupt a machine's memory space, memory leaks, buffer overruns and crashes" have been uncovered by looking at the source code of closed source softw... oh. wait. no source. heh.
This might well mean that open source software will, at some point in the future, be considered more secure and well-written than comparable commercial closed source software even by government or PHBs.
You have to wonder about the difference in "errors per thousand lines of codes" metric though. Does one project use
int a;
a = 5;
and the other
int a=5;
?
SCO employee? Check out the bounty
While not used on every desktop, I know of a lot of F/OSS being used everyday in the military. It would be stupid to not use it. Why would companies like Redhat and Novell spend money on getting their software certified to run on classified systems if it wasn't going to get used? While we may be selling out to Microsoft a lot, there are times when those of us who know better manage to convince the decision makers of the right tool for the job. In some cases, it's a MS product, in others, it's something else.
From the article, which I'm SURE you read:
Coverity evaluated 15m lines of open source code with Stamford University's Computer Science Department. The report has identified bugs that can corrupt a machine's memory space, memory leaks, buffer overruns and crashes. Coverity said it would now engage with open source developers to improve code, and identify potential reasons for why some projects have more bugs than others.
Yes, the folks who ran the tests plan to submit their findings to the developers to help squash bugs.
An interesting study was done by the U.S. Military (the Airforce, I believe) concerning Open Source and it's place in the department of defense, though it is written in such a way to be useful to non-military personnel and applications. It is a similar, yet IMHO, a more interesting read than the parent.
The report can be found as a PDF at http://www.stsc.hill.af.mil/crosstalk/2005/01/0501 Tuma.pdf
There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy.
Does anyone have any factual data on what is "normal" (accepting all the problems of counting lines and bugs in the first place). I've seen estimates range from 2 to a 100 per 1000 lines.
Next time give that money back to us and write "USE OPENBSD" on your report. Better yet, just give them the money, and they'll actually do security stuff with it.
Upon reading the PDF it struck me that if an organisation like the military wanted to use OSS in a more secure fashion, then the use of closed locked down binaries of the code like a default Linux secure network setup is the best option. The problems arise when the individual nodes can be modified willy nilly by malicious code. If you do not include a compiler on the nodes and make sure that binaries cannot be installed by users then you have a blueprint for bullit proof security. Given that the code that is originally compiled into the secure binaries is all visable, it would seem dangerous for the military to use closed source binaries like windows software and remote access sys-admin.
Reminds me of when as a noob, I reported an error in a man page to a project mailing list, hoping somebody close to the project might pick it up and fix it. Nah, the response was: OK, write yourself a new man page.
That attitude still pervades most OSS projects. The result is open source is regarded as by geeks for geeks, and IMHO this, more than any perceived security risks, will keep it off the desktop for a long time yet. Sure, I see quite a few specialist applications coming thru now packaged for MacOS-X. Here's an example (names obscured to protect the ignorant): a multimedia application, gui built on GTK, equal to commercial products of several hundred dollars, well worthy of the suggested paypal donation. But it requires access to the Hardware Abstraction Layer, which is provided by a different oss project, whose raw binaries will do what's needed from the command line, but no gui interface yet, unless you build it, in Qt.
Security problems in OSS are multiplied by forking, and geekishness for its own sake.
It's that good old 'total cost of ownership' - for the two categories you identified the answer is 'lower', but for many people lacking in IT skills it is a more complex calculation - especially in places where their IT support is already contracted out. O/S actually needs to come in and compete in these environments, rather than expecting them to become IT literate.
Advocates need to consider the many places in their lives where they purchase things rather than make or maintain them themselves - for many people without interest in technology, software is in that category - we live in a society where people pay a premium for ready-made meals, despite the repeated message they could save money by making their own.
'Capitalists of the world, unite! Oh
Three years, $1.24 Million, and what do we got .....
...
.32 defects per 1,000 lines of code, according to Coverity. The average for open source projects analyzed is .42 per 1,000 lines."
:)
The envelope please
"LAMP "showed significantly better software quality" above the report's baseline with an average of
Wow, LAMP is a pretty damn high quality stack after all....gee thanks Captain Obvious, we didn't really need those tax dollars for anything anyways.
Well the expected FUD mobile shows up again.
I especially love the "Windows XP and office 2003 just worked" line. That's a rich one. Anybody who has actually worked with those technologies knows how much effort it takes to make them "just work".
I do think you have point about the incompatibilities of the office formats with other software. It's a well known fact that MS products use office formats to undermine other software. I think that people are finally wising up to this and pushing for ODF. Even MS has tried to make the default office format XML based so I think this problem will go away very soon.
What's interesting to me is how different office 12 looks from office 2003 (who the fuck came up with that versioning scheme?). It will be much easier to re-train employees from office 2003 to open office (which looks very similar) then to retrain employees to migrate from 2003 to 12. Office 12 looks and acts radically different then what people are used to.
evil is as evil does
Yeah of course it is, were else besides a Federal Government Agency do you have to spend almost a million and a quarter dollars just to convince the suits that the IT department knows what it's talking about?
if there is one group of people i trust to be able to accurately identify a quality product, it's the government.
go get it
And I wonder how many more millions they can now save by using OSS, now that they know they can be more confident in its quality? Have you ever heard of the word "investment"?
Hmmmmm, wonder what Vista would look like under that scrutiny?...
Hmmmmmm.... Hey, I have a thought: if Microsoft does as it says and allows the Gov't to view it's code (without releasing it), should not this standard of examination be applied to Microsoft's software too so that we could have a better idea of just what level of quality we can expect from the private sector?
*** Don't be dull.***
How much do you get paid for an 'astroturf' post like that? (You're not very good at it though ... the whole formulaic "pretend to be an OSS advocate" to score mod points, it's like you pulled it from a marketing 101 textbook.)
Anybody who has actually worked with those technologies knows how much effort it takes to make them "just work".
Actually, if you're not the one spending the effort, there's no way to tell. For the average corporate user, the above is true because they've no idea how much effort took the IT stuff to make it work. From their point of view, it just works.
If I remember correctly Coverity has been discussed on slashdot previously and they used the same diseased statistical thinking back then, too.
I18N == Intergalacticization
Closed source has the immediate advantage of obscuring your code. Hackers can't pour over your source code for mistakes or the occasional red-flag comments. ("we'll just assume xyz here, will code in a check later when we get specs.") Open source is immediately open to scruteny.
In the short term, closed source is useful because when your code first hits the network no one knows much about the internals, there are no known holes, and finding holes is difficult. Open source is open to immediate and sophisticated attack as the hackers can see the program flow and exploit visible weakenesses.
As time goes on, open source is patched to deal with the flaws. Even though the open and closed source could technically be the exact same program, the open source one benefits from the initial exploitation by rapid evlution. Being open source though, it probably started out a little behind the closed source, because it likely did not have a paid and well-organized development group working on it, so it has a little catching up to do anyway. The closed source also evolves, but only in response to internal testing and analysis, and the occasional black/white hat that finds something by poking through the binaries.
So after a few years, the initial security/stability gap between the two is eliminated. Old open source projects do tend to stagnate after a few years, so development there probably slackens. This happens at about the time you'd expect two competing projects to about equal each other.
The question then is what happens from there? I believe this is very dependent on the open and the closed projects you examine. Open source may continue active development and surpass closed source. Or it may stagnate and be passed by the paid updates released on a continual basis from the closed source.
Because of this I don't believe either model is ideal. Depending on how the cards play out, either one could be the better solution. I'd like to think that open source is the winner, but I'm sure it isn't the clear winner.
I work for the Department of Redundancy Department.
I'm involved in one of the F/OSS projects that Coverity analyzed; and yes, they were co-operative with the dev team in sharing their insights.
Well, at least it can be seen that there is overwhelming bias at slashdot. Not that I care, since I still read the news here.
If any MS (or should I say M$) product were to have been put in an article like that, the mobs would have screamed for Gates's head. However, since it is the all-powerful-silver-bullet-snake-oil open source, all I see are excuse makers and doubters. If anyone is to even take themselves seriously, they must be at least OPEN to the idea that something they believe in is not perfect, and possible quite flawed.
Its one thing to sit in an ivory tower, or garage, and pontificate on the utopian ideals of open source and free love without concern of ramification. It is a completely different thing to be tasked with the welfare of a nation and its people and just HOPE that the software is safe and will work as promised. I can appreciate the Linux/OpenSource/FreeLove ideals of slashdot and its readership, but there is a point when a person has to put personal bias asside and consider that there are greater things at risk than personl pride and being 1337.
Pluralitas non est ponenda sine neccesitate
...Where is the Linux Geek Squad? Yea all those scan-disk, defrag, run adaware and scan for virus "techies" give me the creeps but they seem to fill a need. Where can the mythical grandmother go to get a DVD installed in her Linux box or find out how to fix Thunderbird if the mail folder blows up?...
Actually, there are (more than) a few of us in that Geek Squad who would be perfectly happy providing Linux support. It'll probably never happen... it's great that there are those of us who are technically literate enough to be comfortable working with Linux, but I can't see a nationwide company providing Linux support piecemeal. I'd rather expect them to expect each and every tech they've got working for them to be competent in Linux... which ain't gonna happen. Why? I wouldn't want to be put in charge of bringing all these "scan-disk, defrag, run adaware and scan for virus 'techies'" up to speed in Linux. Can't imagine giving the order, too, or explaining to your shareholders why you're spending such a massive amount of money training tech's on a operating system with such a small marketshare (in residential homes, at least).
Actually, it appears to be a switch back to the old versioning scheme.
w ens Community College</a>
Also, I agree with the comment about the FUD mobile appearing.
I have no problems finding a local community college with Linux classes. I actually took one a few years ago as part of my associate's degree. You may want to try searching for UNIX instead, as Colleges usually keep old names around. The class I took was actually called UNIX Concepts, but was actually taught on Red Hat Linux.
See
EET 175 Network Operating Systems
EET 208 UNIX Concepts
at <a href="https://www.owens.edu/cgi-bin/courses.pl">O
BAN BPL! Keep the radio spectrum free fro
.... you say this [the above], the procede to make an argument based solely on funcitonality and support of software packages available. Do you have anything to back up your initial statement there, that non-Open software is somehow better for applications that require "security" (a vague term at best, in this context, I think - are you talking security against networked crackers, automated worm attacks, attempts to de-crypt encrypted data ... )? I'm not trying to "flame" you, but you don't support the your statement at all in your post, and I honestly can't think of an instance where proprietary or closed source software is "more secure" than F/OSS...
You should move to where there's a better community college - I think it may even be safe to use the word "most" when describing how many schools there are across the country now that are teaching Linux, FreeBSD, or both. Are you saying your school doesn't offer it, or that you can't take it for some other reason?
As a sidelight, note that many schools that have recieved endowments from M$ (thru one channel or another) have magickally dropped the course-work they once had that didn't require the purchase (at a student discount, of course) of M$ products - if that's what's going on at your school, you might want to address it with your administration - after all, when you're paying for an education, they're defrauding you if they don't give you what you pay for - regardless of what M$ is paying them (under the table) not to teach you....
Not sure just what sector of the real world you're talking about, here, but *I* won't hire you if you don't understand operating systems generally (we're talking critical embedded systems here - the stuff that's going to outlive the users who are thinking they need a "new" obsolete PC), and have some skill with anything that can be called one. "Platform Independance" and "Language Independant" aren't just test questions in the Real World outside Microsoft Applications Land - a rich and profitable land to be sure, but nothing grows there so all [brain] food must be imported, and life expectancy is pretty short generally due to contaminated memepools, rarified atmospheres, and the mind numbing depressions induced by the incredibly bleak cyberscapes...)
Anyway - all that said, I do agree with you about support for F/OSS - it is overall diffcult to access, often hard to understand, and generally just unusable for those who are not already to some degree techinical initiates. And that does need to change. Imo.
"The Internet is made of cats."
Why no mention of SE-Linux?
One agency study.
1.5 million dollars spent.
How much did the NSA spend developing SE-Linux?
Must have cost more than 1.5 million. And that is now at the core of Linux.
Yes many in the US Government are aware that Open Source software rocks.
Impeach the Liar
Democrats prefer static modeling because then they can argue against tax cuts. Republicans favor dynamic modeling to support a "trickle down" effect.
.... [M]easures of macroeconomic feedback effects are very sensitive to assumptions that are subjective... Given the degree of uncertainty inherent in current methods of macroeconomic forecasting, true dynamic scoring would not allow the consistent and comparative cost estimates"
From the link you provide:
"[I]instituting a formal policy for the use of dynamic scoring would require planning or estimating around future fiscal policy, taxpayers' future behavior, and future business cycles well beyond the window of time for which they can reliably be predicted
"CBO and JCT do currently provide estimates to illustrate potential effects on the economy of significant tax proposals, at the request of Members of Congress, but such estimates are not official and only offered as supplemental information. Even opponents of dynamic scoring have encouraged this practice to continue in the same sort of advisory, rather qualitative (and not quantitative) manner because, as Kobes and Rohaly explain, they 'show how sensitive a proposal would be to various changes in these [macroeconomic] assumptions. However, producing an estimate in the form of a single revenue or cost number would be misleading.'"
Upshot:
1. The CBO uses static scoring for official estimates, and does so only for non-political reasons.
2. Democrats perfer static scoring for official estimates, which sounds like a better method, but no doubt they do so only for political reasons.
3. Republicans prefer dynamic scoring for official estimates, which sounds like an inferior method, and no doubt they do so for political reaons.
So yes, there is a controversy, and the controversy is politically-motivated.
But no, the CBO's decision in this matter is motivated only by sound accounting principles without regard for political ramifications.
This definitely adds weight to the "more eyes make bugs shallow" principle of open source.
How many closed-source applications would get this sort of helping hand?
I know that there is a Stamford University, and everyone always jokes that it's for people who want to pretend they went to Stanford, but, this just makes things really confusing. The Register article says Coverity used a verifier from Stamford University, when really the program came from Stanford. In fact, AFAIK, UCONN-Stamford doesn't even have a CS department.
To quote the Wendy's commercial, "Where's the Beef?".
No seriously! Where's this article? I'd imagine three years and 1.25 million dollars would produce a hefty article. I'd love to give it a read! "US Department of Homeland Security has released a report on open source quality"- so where's the release?
It cites one or two figures, and throws around lots of buzz-words, but there's no comparison? No information? No study of reliability? Nothing at all.
PS: As a side-note, if they 'studied' 15 million lines of code over three years, and were able to identify defects, shouldn't we be seeing a nice patchset coming from Coverity sometime soon... Think about it. It's easy to tell someone else to fix it, but a good part of OSS is giving back.
when you see the word 'Linux', drink!
- Tell authors about bugs they find, as they find it
- Submit bugs via the project's bug submission system
- Develop a bug submission standard object format and open testing methodology, maybe even a server and some ontology to help automate this stuff?
- Teach developers ways not to make those bugs again
- Develop open automated bug checkers
- Allocate money to hire programmers to fix important bugs in important open source packages
- Establish a government certification of quality which will be fabulous for open source
- Disclose a roadmap to certification for any given software
- Certify private and academic labs for similar certification
But note that the DHS was established to fight terrorist attacks. Anybody doing this kind of service for OSS and able to provide a certification is nice, but the only valid reason for DHS to do this is if they have special knowhow about potential vulnerabilities of software to cyberwar (NOT - they are using antivirus firms instead of the military to get knowhow) this is really not in their purvue.I am troubled by DHS goons' bullying of people for library use, parking violations, underage drinking or whatever is the latest thing they have to pass the boredom. Cyber security is a great area but they could do best by establishing tools for bug detection and safe code writing. In fact while a government certification and free bug testing is nice it is not what they are supposed to be doing.
Well, at least it can be seen that there is overwhelming bias at slashdot.
- Saying that one race group is inferior to another constitutes a "bias": correct.
- Saying that some software is better than other software constitutes a "bias": incorrect
The two are not analogous. The flaw in your argument is the implicit assertion put forth that "all software is created equal" (so to speak) and that any preference of some software over another must therefore constitute a bias. Here's a cluestick for you: Software really does differ.
I suppose you would also slate a mechanic for "hypocrisy" and "bias" if he said that a Ferrari is better than a Hyundai.
What protest? It isn't a protest to point out political reality.
For what it's worth, I voted for GWB in both elections. I personally think that most of the New Orleans/Katrina coverage is sniveling. I recently sent email to my Congressional delegation telling them to pull their head out of their collective asses and stop hating people just because they're Arabs. Of course you probably just assumed that because I'd point out a current political controversy that I'd be anti-Bush. Sorry to tell you, but I've voted Republican at every level of government going back to Reagan, the last of the true conservative Presidents.
It's people like you who've screwed up our political system with your inane, single-minded approach to debate.
If you don't want crime to pay, let the government run it.
I am sorry. I don't follow your argument at all.
First, what does CAD have to do with security? What does the number of users of Autodesk or Solidworks have to do with anything in this discussion? And, just as an aside, the last time I looked, DXF formats where supported by most CAD vendors, open or closed source.
Now, OpenOffice may not be as productive as Microsoft Office. Is your claim that this is due to bugs in OpenOffice? Further, is your claim that the cause of these bugs is because OpenOffice is an open source application? Easily refuted -- OpenOffice.org USED to be StarOffice, which was a COMPLETELY closed source application until purchased by SUN Microsystems, who open-sourced it. You may still have a point that the Microsoft product is superior for your uses. Just not relevant.
Now, you touch on Education, Support, and Installation issues. Is your claim that the lack of these constitutes a "bug" in the software sense?
Ratboy.
Just another "Cubible(sic) Joe" 2 17 3061
That is perfectly logical. Software that comes OUT of a compiler should certainly be tested for quality. Watcom processes source code, and produces a resulting change, so it's valid to ask questions about that. Likewise, Open Source is a process, with its own unique qualities and product attributes. Also, it's an ALTERNATIVE process to the main ones used to develop software, so the idea of evaluating the different outcomes from each alternative is entirely valid.
Have Linux installed at your place in Amsterdam, for cheap
Reminds me of when as a noob, I reported an error in a man page to a project mailing list, hoping somebody close to the project might pick it up and fix it. Nah, the response was: OK, write yourself a new man page.
What project was it? Is it anything we care about?
How about linking to your 'bug report' so that we can see this supposed reply?
That attitude still pervades most OSS projects.
What OSS projects are you referring to? Not all OSS projects are equal. You are generalising.
What evidence do you have of most OSS projects having a bad attitude?
I'll probably be modded down for this...
This war has already happened, and open source is just picking off the last few closed source soldiers.
All the apps on my machine are open source (except windows itself), and where the apps go.... Eventually so will the OS. It's just gonna take a lot longer. The app war isn't even fully finished yet. Look at Gimp/Photoshop. They are still kind of duking it out, but gimp is the inevitable winner, and a few graphics profs already realise that and are jumping ship, if for no other added insentive than saving $1.5m on 500 photoshop stations or something.
Open Source has already won. Just let the last few battles play out in the pathetic ways that they will.
rhY
I hold very few opinions. I hold information based on observation and fact. If you wish to disagree, please use facts.
This article is kind of dump. It compares LAMP to everything else FOSS.
I don't need that, I need to know how FOSS compares to Proprietary Software
Being open source though, it probably started out a little behind the closed source, because it likely did not have a paid and well-organized development group working on it.
That's probably the most absurd argument I've ever heard. Firstly, the assumptions are wrong: people also get paid to work on free software, and some of them work in well-organized groups.
Secondly, what's the definition of `well-organized'? Working to implement a fixed feature set to a fixed deadline (which can be roughly equivalent to being told "run 100 meters in two seconds")? The feature list being driven by whatever hype-words the marketing folks heard from your company's competitor, and the ship date being "before the christmas sales"? Of course, the team is being well-organized by a manager who hasn't read The Mythical Man-Month, so as the schedule slips, he keeps adding programmers--does that help? ("if a project is late, adding programmers will make it even more late", due to quadratic communication overhead).
On the other hand, with free software developed with the Bazaar model, you have one very key benefit: the coders are (mostly) self-selected. Why do the work on the code? Doesn't matter (here), but most do it because they get some kind of intrinsic reward, and are thus better motivated. Also, you have parallelizable (and hopefully -lized) debugging, for which there's linear communication overhead (every J. Random Hacker talks to the project lead dev, or a small O(1) core).
Oh, by the way, I think Mac OS classic was written by "paid, well-organized" people, yet it did not support preemptive scheduling or memory protection. Nourishing substances for activities in the (pre)frontal lobes.
(note: I don't love hating Mac OS classic--I bash all OSes which doesn't have memory protection and preemptive scheduling, and I don't love hating Apple either--In fact I think that Mac OS X may be a very good choice for mom, pop, my gf and aunt tillie; I won't use it, because not all of the software is free, afaik, but in a strictly technical sense it's great for joe sixpack).
The US Navy replaced Sun with Yellow Dog Linux, originally on Apple hardware and now on some other PowerPC based hardware, for sonar processing on subs.
No, it couldn't be. Your website bites. Having seen it one can see the desolation of the field from which your opinion grew. I'm sorry.
Help stamp out iliturcy.