Pages

Jump to bottom

4 comments

1 Jay in Oregon  Apr 23, 2014 2:23:15pm

Has anyone explained to developers of open-source projects that using “Libre” in a project name makes you sound like a pretentious twat?

Oh, wait, it’s Theo de Raadt. Never mind.

And where were all of these developers when OpenSSL was apparently languishing for years? Nothing was stopping them from auditing the code or contributing patches before now.

2 William Barnett-Lewis  Apr 23, 2014 7:19:48pm

Theo… I wondered when his ego would show up.

All _I_ need to know.

3 3eff Jeff  Apr 23, 2014 9:05:30pm

re: #1 Jay in Oregon

It would be lovely if things were that simple. Where were they? Probably holding down day jobs and working on other mission critical software infrastructure. For instance: OpenSSH, which underpins the other half of my company’s security systems.

OpenSSL has had a reputation for being suboptimally managed and a bit of a mess for a while now. There are security patches that have languished for years, and the code was notorious for being difficult to maintain. The state of the codebase was probably keeping a significant number of potential volunteers away.

The kind of gutting the OpenBSD team is doing right now to that code base would not have been accepted by the current maintainers. A bunch of OpenBSD coders wandering onto the mailing list and submitting crazy patches that gut the legacy interoperability code would not have been accepted. It’s probably better that they forked the code to start on this experiment rather than suit up for the flame wars that would happen if they’d attempted the culture clash first.

Yes. Theo de Raadt is a bit of a jerk. Some around here might label him a dudebro. But he and his crew are good engineers, and their particular brand of paranoia and technical conservativism are what’s called for when designing crypto systems. I already trust them with that, and I hope this works out. I wish they’d done it earlier.

4 Jay in Oregon  Apr 24, 2014 1:08:21pm

I wasn’t even specifically talking about Theo de Raadt. I was talking about all of the giant tech companies, banks, social media sites, etc. who use OpenSSL but apparently, it seemed, didn’t think it was important to support the project until not doing so bit them in the ass.

Of course, now it looks like they’re going to chip in. Better late than never, I suppose:

littlegreenfootballs.com


This page has been archived.
Comments are closed.

Jump to top

Create a PageThis is the LGF Pages posting bookmarklet. To use it, drag this button to your browser's bookmark bar, and title it 'LGF Pages' (or whatever you like). Then browse to a site you want to post, select some text on the page to use for a quote, click the bookmarklet, and the Pages posting window will appear with the title, text, and any embedded video or audio files already filled in, ready to go.
Or... you can just click this button to open the Pages posting window right away.
Last updated: 2023-04-04 11:11 am PDT
LGF User's Guide RSS Feeds

Help support Little Green Footballs!

Subscribe now for ad-free access!Register and sign in to a free LGF account before subscribing, and your ad-free access will be automatically enabled.

Donate with
PayPal
Cash.app
Recent PagesClick to refresh
Detroit Local Powers First EV Charging Road in North America The road, about a mile from Local 58's hall, uses rubber-coated copper inductive-charging coils buried under the asphalt that transfer power to a receiver pad attached to a car's underbelly, much like how a phone can be charged wirelessly. ...
Backwoods Sleuth
3 days ago
Views: 186 • Comments: 1 • Rating: 4