Subject: Re: reviewing code
From: Mark Eichin <eichin@thok.org>
Date: 30 Aug 2002 11:13:52 -0400

> speak of SSH, Apache, and OpenSSL). Does this mean we can't trust
> trusted software? I don't think so...

Oh, we can't "trust" current-state-of-the-amateurs software at all.
But we get a lot done by "nervously keeping an eye on it" and trying
to fence it around with damage-minimizing dikes... and move on to more
interesting things.

*Has* anyone seen a plausible or at least interesting security-related
fsb model?  There's the usual "many-eyes" and/or "public escrow"
arguments about source visibility, and the "competitive contracting"
aspects too.  But the many-eyes argument is weak when the eyes that
are good at it are directed elsewhere...