Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Foundation: Bugs Can Be Made Shallow With Proper Funding

Posted by timothy on from the cybernetic-eyeballs-are-people-too dept.

jones_supa writes The record amount of security challenges in 2014 undermined the confidence many had in high quality of open source software. Jim Zemlin, executive director of the Linux Foundation, addressed the issue head-on during last week's Linux Collaboration Summit. Zemlin quoted the oft-repeated Linus' law, which states that given enough eyes, all bugs are shallow. "In these cases the eyeballs weren't really looking", Zemlin said. "Modern software security is hard because modern software is very complex," he continued. Such complexity requires dedicated engineers, and thus the solution is to fund projects that need help. To date, the foundation's Core Infrastructure Initiative has helped out the NTP, OpenSSL and GnuPG projects, with more likely to come. The second key initiative is the Core Infrastructure Census, which aims to find the next Heartbleed before it occurs. The census is looking to find underfunded projects and those that may not have enough eyeballs looking at the code today."

1 of 95 comments (clear)

  1. Re:Linux was better when there was little funding. by Anonymous Coward · · Score: 0, Flamebait

    Linux doesn't have "power users", it has programmers. Programmers recognize that systemd is doing the Right Thing. Sysadmins who think their entire job is to write shell scripts don't like systemd because they might have to update their skills. We get it: you're stuck in the 90s. I'm sure it was a good time for you. Please keep using your old software that's broken just the way you like it.

    A hobby OS is one that forces you to script its internals. Linux needs a system which allows it to track processes and resources accurately, rather than just double-forking and hoping that the pidfile will be accurate when you need that service again. What you're saying is, "I don't understand why people think systemd is necessary." If you had any intellectual honesty that would be your cue to research exactly why people think systemd is necessary. Instead you've come to nostalgize about some golden time of Linux, that never was. If you don't like the direction things are going, please leave, and don't let the door hit you on the way out.