lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 7 Aug 2006 01:41:27 +0300
From:	"Shem Multinymous" <multinymous@...il.com>
To:	"Arjan van de Ven" <arjan@...radead.org>
Cc:	"Andrew Morton" <akpm@...l.org>, rlove@...ve.org,
	khali@...ux-fr.org, gregkh@...e.de, alan@...rguk.ukuu.org.uk,
	linux-kernel@...r.kernel.org, hdaps-devel@...ts.sourceforge.net
Subject: Re: [PATCH 01/12] thinkpad_ec: New driver for ThinkPad embedded controller access

Hi Arjan,

On 8/6/06, Arjan van de Ven <arjan@...radead.org> wrote:
> Open source is all about trust. Person A takes a patch from person B
> because person A has trust in B (conditional on the patch meeting a
> technical standard). In B's technical ability, in B's intentions, in B's
> sincerity, in B's honesty when he says "this is my work and you can use
> it because nobody but me has a claim on this".

Excellent points.


> Using a fake name is not a good way to gain such trust... At all.
> Explicitly refusing to say who you really are just lowers the trust even
> more, because it gives a strong appearance that something really fishy
> is going on.

Agreed. But this is only a heuristic; maybe in this case nothing fishy
is going on, whereas many nice-looking patches would reek to heaven if
inspected more closely.

So how about exercising judgment? Look up the tp_smapi development
history on sf.net (under project "tpctl"), the relevant posts on
thinkpad-devel, hdaps-devel and even a bit on lkml, and see if this
looks like standard, clean kernel development or a sinister attempt to
steal our precious bolidy fluids.

  Shem
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ