[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Doom of Debian Re: Debian Weekly News - February 18th, 2003

Martin Schulze wrote:

Removing mICQ from Debian? Martin Loschwitz [16]proposed to remove
[17]mICQ from Debian entirely since the upstream author has placed a
harmful and [18]obfuscated easter egg in the code, bypassing the
maintainer's testing. Anthony Towns [19]asked all maintainers to
review upstream changes before packaging code, Branden Robinson
already [20]reads every line of diff that gets applied to his XFree86
packages. Rüdiger Kuhlmann later [21]reported that the problems were
resolved and that the easter egg was replaced. Martin Loschwitz also
sent an [22]update.

If it isn't possible to trust free software, then it isn't valuable to bring on a project like Debian either. :(

While Anthony's proposal of "Reviewing all upstream changes" makes sense on a security standpoint, it will put the necessary strain to Debian to self-destruct the distribution. There already are problems to port 6000+ packages on (how many? 7? 11?) different architectures, this harmful easter egg could be the drop that tops off the distribution. I have already begun to see growing disaffection to GNU/Linux by former enthusiast people, and this can simply spell the final doom on the credibility of open-source.

This, of course, is my humble opinion, and I may (hopefully) be wrong.

                              Davide Inglima
         "The question of whether computers can think is like the"
       "question of whether submarines can swim." -- Edsgar Dijkstra

Reply to: