85160670 "If U know neither the enemy nor yoursel Premium Member join:2013-09-17 Edmonton, AB 1 edit
2015-Apr-20 1:49 pm
Why the open source software model is fundamentally broken

Most home security routers use LINUX ......

"There was a very frank question pegged towards Slashdot readers a few months back, which I happened to stumble upon just by chance during some Googling. It was a pretty simple question that merely asked: for the non-coders out there, especially ones taking advantage of open source software, why aren't more of you contributing back to the open source community?" .....
[ » betanews.com/2015/04/20/ ··· -broken/ ]

Here are the broken routers

"D-Link says sorry for shoddy security and sloppy patching of its routers"...

"The HNAP issue affects DIR-890L (A1), DIR-880L (A1), DIR-868L (A1), DIR-865L (A1), DIR-860L (B1), DIR-860L (A1), DIR-850L (B1), DIR-850L (A1), DIR-820LW (B1), DIR-818LW (A1), DIR-817LW (B1), DIR-816L (A1), DIR-815 (B1), DIR-600 (B1), DIR-300 (B1), DIR-629 (A1), and DAP-1522 (B1). The problem is listed on D-Link's support pages where it is described thusly:" ...
[ » betanews.com/2015/04/20/ ··· routers/ ]

therube join:2004-11-11 Randallstown, MD
quote: Why the open source software model is fundamentally broken
How does that relate?

·AT&T U-Verse
to 85160670
There's no real substance, as far as I can see.
Someone has picked a few disagreements and blown them way out of proportion.
The routers that are mentioned are commercial products. Sure, they use some open source software. But the fact that a commercial vendor cuts corners to maximize profits has very little to do with whether "the open source software model is fundamentally broken".
For that matter, I doubt that there is such a thing as "the open source software model". Open source projects don't all follow a single model.
-- AT&T Uverse; 2Wire 3800-HGV router; openSuSE 13.2; KDE 4.14.5; firefox 36.0

camper just visiting this planet Premium Member join:2010-03-21 Bethel, CT kudos:1 ·Xfinity
to therube
said by therube: How does that relate?

I gave up reading betanews.com a couple of years ago, as the editors there tended towards page-hit-producing sensationalism. Nice to see they haven't changed....

85160670 "If U know neither the enemy nor yoursel Premium Member join:2013-09-17 Edmonton, AB
2015-Apr-20 3:36 pm
THX 4 your comment & I'm confused ..... *_^

said by camper: said by therube: How does that relate?
I gave up reading betanews.com a couple of years ago, as the editors there tended towards page-hit-producing sensationalism. Nice to see they haven't changed....

dave MVM join:2000-05-04 not in ohio kudos:10
to 85160670
Assuming you mean that there's some connection between 'the open-source software model being fundamentally broken', and D-Link shipping routers with gaping security holes -- there isn't.
Open-source software means that the organization responsible for making sure D-Link's software is functional, secure, and generally acceptable is... D-Link. And no-one else.
If you buy closed-source software as a base for your product, you can perhaps go and gripe at your vendor if it's not fit for purpose. If you base your product on FOSS, then the responsibility of anyone else to ensure your problem-free operation is precisely reflected in the price you paid for it. FOSS doesn't excuse you from having a clue.

85160670 "If U know neither the enemy nor yoursel Premium Member join:2013-09-17 Edmonton, AB
2015-Apr-20 10:55 pm
THX ..... dave, I just make my own cocktail {{{ CHEERS }}}

to 85160670
said by dave: If you base your product on FOSS, then the responsibility of anyone else to ensure your problem-free operation is precisely reflected in the price you paid for it. FOSS doesn't excuse you from having a clue.

...though with recent events, clearly not the case. Heartbleed comes to mind. Gawd what a fustercluck THAT was. To me, the attitude seems to be "oh, we get the software for free, we assume it works, so what we save in development we'll markup on our side as profits! WIN! WIN!"

My 00000010bits
Regards

camper just visiting this planet Premium Member join:2010-03-21 Bethel, CT kudos:1 ·Xfinity
2015-Apr-21 2:23 pm
said by HELLFIRE: Heartbleed comes to mind.

In that instance, the quality of the source code was so bad that it all but prevented third party people from looking through it for errors. Hence the forking of the project for Google's BoringSSL and OpenBSD's LibreSSL. It looked like OpenSSL was written by a bunch of paid-for consultants who rejected outside suggestions and bug reports. So, yes, OpenSSL was open source, but the developers all but prevented a community from building up around it. imo, of course.

dave MVM join:2000-05-04 not in ohio kudos:10
2015-Apr-21 2:47 pm
Sounds like software development as usual to me. Some programmers can, some can't.

camper just visiting this planet Premium Member join:2010-03-21 Bethel, CT kudos:1
2015-Apr-21 2:52 pm
True. But some projects/developers seem to attract a better community involvement. The fact that other projects/developers cannot does not make the open source model fundamentally broken.

Kearnstd Space Elf Premium Member join:2002-01-22 Mullica Hill, NJ kudos:2
to 85160670
In commercial products FOSS means they do not have to buy from closed source but it also means they have to make sure it is secure when their own code is added. Of course if making the best damn router ever has to come against paying executive bonuses and short term profits we know what wins every time in business.
-- Filan - Aurin Spellslinger - Pago - Team Legacy

to 85160670
...another example -- though not specifically security-related -- comes to mind, anyone remember the RealMagic fiasco? Basically pulled down the OpenDivx(?) source code, slapped their name on it, and well...
My 00000010bits
Regards