Wheeler: Insecure open source software libraries?
Posted Apr 8, 2012 10:59 UTC (Sun) by khim
In reply to: Wheeler: Insecure open source software libraries?
Parent article: Wheeler: Insecure open source software libraries?
It seems like you're insisting that the upstream app developer must do "quality assurance" on every possible OS or distribution that the app can possibly run on.
No. If some platform uses programs designed for other platform - it's their choice, in this case OS designers should provide Q&A. This is very common case: it happens every time new version of OS is released (as usual Linux desktop developers shirk this responsibility, but other OS vendors are more serious about it).
But yes, if developer releases program for some platform (especially if said program is sold for $$) then s/he must do Q&A - or else why release anything at all?
That's just fundamentally impossible in the absence of an OS monoculture, and by its very nature GNU/Linux cannot become a monoculture.
You don't need monoculture. Android releases include a lot of customizations - yet most of them don't affect app developers at all. The observed problems are mostly caused by changes in hardware (for example all the programs which assumed you can use trackball to move around are basically unusable on Galaxy Nexus S… yet they still run and use can use them with external mouse).
Linux users understand this is so and still keep using it, because the benefits of non-monoculture outweigh the downsides.
Sorry, but this is bullshit. This description may cover some small percentage of Linux users but most of them think that when something does not work on Fedora (usually because of SELinux) it's our fault even if the identical package works on Ubuntu. So no, they don't “understand this”. If you'll visit any FOSS conference you'll see how many former Linux users finally understood it… and decided that life is too short to play these games. Most of them are now MacOS users, but some returned back to Windows.
to post comments)