One attempt thwarted

Posted Nov 8, 2003 3:12 UTC (Sat) by lm (guest, #6402)
In reply to: One attempt thwarted by dlang
Parent article: An attempt to backdoor the kernel

> this attack was detected by the 'hundreds of eyeballs' approach,
> only one eye saw it becouse he was the only one looking for this,
> but in the 'traditional' closed-source approach that person would
> not have been looking

That's nonsense. This attack was detected because BitMover trains their engineers to be paranoid, end of story. There were "hundreds of eyeballs" that could have detected this, why didn't they? Gimme a break. It's pathetic of you to try and turn this into an open/closed argument, it has nothing to do with either. This was detected because we train our engineers to be competent. You can have good engineers in the open source world and good in the closed source world, and I'll remind you it was an open source system which was attacked.

As Linus said "it's telling that it was the CVS tree and not the BK tree that somebody tried to corrupt."

One attempt thwarted

Posted Nov 13, 2003 2:47 UTC (Thu) by dlang (guest, #313) [Link]

the bitkeeper engineers were one of those hundreds of eyeballs, they happened to detect it first.

the only way you will have lots of people reporting the same bug is if they don't read what others have discovered and/or there is a long time period between a bug being discovered and it being announced. the normal situation is one person (or a very small number) discoveringa issue and publicising it for others.

even in this case when Larry first posted about this to the L-K list he didn't post 'someone attempted to put a backdoor in the kernel' he posted 'I noticed something strange, can anyone tell me why this happened' and a few posts later he posted the change that was inserted and a few posts after that a few people noticed that it was a backdoor.