[ale] Cory Doctorow, right again
Jim Kinney
jim.kinney at gmail.com
Fri Mar 16 14:19:34 EDT 2012
If someone I know and trust has looked at code and said they would use it,
that's an endorsement of usefulness that I will accept for me to install
and use the code.
The premise of "YOU can look at the source" is outdated. As long as the
source is available and the binary I run can be traced to the source that
has been checked by a trusted chain or people, that's about the best we can
get.
The alternative is "Trust us. We're cool. Everyone uses our code."
For 20 years I've seen Microsoft sacrifice reputation for profit by
continually releasing code that is "unsafe at any clockspeed" (See Bob
Toxen sig :-). Apple fares little better in their product line up. The only
difference with the Apple stuff is they control ALL of it - from the screws
and plastic clips to the chips and screens and all the code. The user must
"do as Uncle Steve says".
Making a profit while also being willing to let everyone "look under the
hood" is a seriously amazing way to do things (RedHat).
Making a gargantuan profit from open source tools and parts while keeping
your expansion of those tools secret and hidden is slimy (Google).
Making a f'ing unreal profit by brainwashing your customers into buying
every gadget you make is the Apple way.
Microsoft just makes you upgrade the OS to get a new batch of bugs. Apple
makes you buy a new pile of hardware (built by modern slave labor).
On Fri, Mar 16, 2012 at 2:02 PM, James Sumners <james.sumners at gmail.com>wrote:
> Which all boils down to exactly what I said. Either ignore installing
> third party software altogether, or do the best you can with the time
> you have. The argument that open source is safer because you,
> yourself, can look at the code before installing it is ludicrous. If
> you have the time to do that for _every_ piece of software you
> install, then you must not be doing anything else.
>
> On Fri, Mar 16, 2012 at 13:42, mike at trausch.us <mike at trausch.us> wrote:
> > On 03/16/2012 01:29 PM, James Sumners wrote:
> >> It has applications that are shipped with it. And you can use webapps
> >> all day long. You don't _have_ to use the AppStore. But if you do use
> >> it, then you still have to decide if you trust the developer. If you
> >> install something that seems scummy in the description (poorly
> >> translated descriptions, bad reviews, etc.) then that's on you. It
> >> isn't the fault of anyone, or anything, else.
> >
> > And what if you install a highly-rated, seemingly legitimate app that
> > does things that you aren't aware of because you have no way to possibly
> > be aware of them?
> >
> > There are security concerns with any application software on any
> > platform or device that are a mile long and simply cannot be addressed
> > by the average user. These problems will likely never go away, unless
> > the entire world moves to a model where the source code for all software
> > becomes generally available. And even then, you have the problems that
> > were discussed in “Reflections on Trusting Trust” (a very worthwhile
> > read if you haven't), making it almost completely impossible to sanely
> > be able to settle on any level of trust in software. One would have to
> > take a copy of a (as Thompson calls it) "bugged" binary and examine it
> > on a system that is known to not be bugged.
> >
> > I don't know about you, but I don't have the means to create a
> > completely isolated environment in which to be able to assert such
> > levels of trust. At least not yet; it would be possible to do but it
> > would not be really doable without a great deal of time, effort and
> money.
> >
> > And even then, who would be insane enough to trust anyone else to create
> > such a thing for them? :-)
> >
> > --- Mike
> >
> > --
> > A man who reasons deliberately, manages it better after studying Logic
> > than he could before, if he is sincere about it and has common sense.
> > --- Carveth Read, “Logic”
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> >
>
>
>
> --
> James Sumners
> http://james.roomfullofmirrors.com/
>
> "All governments suffer a recurring problem: Power attracts
> pathological personalities. It is not that power corrupts but that it
> is magnetic to the corruptible. Such people have a tendency to become
> drunk on violence, a condition to which they are quickly addicted."
>
> Missionaria Protectiva, Text QIV (decto)
> CH:D 59
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
--
James P. Kinney III
As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as they
please, and those who survive will be left to contemplate the outcome.
- *2011 Noam Chomsky
http://heretothereideas.blogspot.com/
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20120316/3591d500/attachment-0001.html
More information about the Ale
mailing list